Permissions for use of the system tables can be controlled by the Database Owner, just like permissions on any other tables.
By default, when SAP ASE is installed, the installmodel script grants select access to “public” (all users) for most system tables and for most fields in the tables. Instead, the default permissions on the system tables are assigned when the SAP ASE server builds a new database. However, no access is granted to some system tables, such as syssrvroles, and no access is granted to certain fields in other system tables. For example, all users, by default, can select all columns of sysobjects except audflags.
See the Security Administration Guide for more information.
sp_helprotect system_table_name
use master go sp_helprotect syssrvroles go