Sybase NNTP forums - End Of Life (EOL)

The NNTP forums from Sybase - forums.sybase.com - are now closed.

All new questions should be directed to the appropriate forum at the SAP Community Network (SCN).

Individual products have links to the respective forums on SCN, or you can go to SCN and search for your product in the search box (upper right corner) to find your specific developer center.

What is achieved by the concept of Database users

2 posts in Product Futures Discussion Last posting was on 2009-06-05 20:17:29.0Z
Scott Gymson Posted on 2009-05-28 06:05:35.0Z
Sender: 16af.4a1e27ca.1804289383@sybase.com
From: Scott Gymson
Newsgroups: sybase.public.ase.product_futures_discussion
Subject: What is achieved by the concept of Database users
X-Mailer: WebNews to Mail Gateway v1.1t
Message-ID: <4a1e29ae.16ee.1681692777@sybase.com>
NNTP-Posting-Host: 10.22.241.41
X-Original-NNTP-Posting-Host: 10.22.241.41
Date: 27 May 2009 23:05:35 -0700
X-Trace: forums-1-dub 1243490735 10.22.241.41 (27 May 2009 23:05:35 -0700)
X-Original-Trace: 27 May 2009 23:05:35 -0700, 10.22.241.41
Lines: 17
Path: forums-1-dub!not-for-mail
Xref: forums-1-dub sybase.public.ase.product_futures_discussion:2032
Article PK: 97631

Hi,
I can only see that databases and database users only
help in namespacing the objects.

I have tried creating two different users (u1 and u2) for a
login (server user) for two different databases (db1 and
db2).

u2 could access an object for which u1 was explicitly given
access permissions. u2 could drop an object owned by u1 as
well.

Can you please explain the purpose of databases and database
users if there is something other than namespacing?

Thanks,
Scott


Chris N. Brown [Sybase, Inc.] Posted on 2009-06-05 20:17:29.0Z
From: "Chris N. Brown [Sybase, Inc.]" <chris.dot.brown@sybase.dot.com>
Subject: Re: What is achieved by the concept of Database users
Newsgroups: sybase.public.ase.product_futures_discussion
References: <4a1e29ae.16ee.1681692777@sybase.com>
User-Agent: Pan/0.132 (Waxed in Black)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
NNTP-Posting-Host: vip152.sybase.com
X-Original-NNTP-Posting-Host: vip152.sybase.com
Message-ID: <4a297d59$1@forums-1-dub>
Date: 5 Jun 2009 13:17:29 -0700
X-Trace: forums-1-dub 1244233049 10.22.241.152 (5 Jun 2009 13:17:29 -0700)
X-Original-Trace: 5 Jun 2009 13:17:29 -0700, vip152.sybase.com
Lines: 32
Path: forums-1-dub!not-for-mail
Xref: forums-1-dub sybase.public.ase.product_futures_discussion:2035
Article PK: 97633


On Wed, 27 May 2009 23:05:35 -0700, Scott Gymson wrote:

> Hi,
> I can only see that databases and database users only
> help in namespacing the objects.
>
> I have tried creating two different users (u1 and u2) for a login
> (server user) for two different databases (db1 and db2).
>
> u2 could access an object for which u1 was explicitly given access
> permissions. u2 could drop an object owned by u1 as well.
>
> Can you please explain the purpose of databases and database users if
> there is something other than namespacing?
>
> Thanks,
> Scott

Posted in the wrong group (try the ase administration group) but I'll
reply.

It's security, similar to what UNIX users (or even windows users) get
with their OS. You can keep individual users from accessing specific
tables (or performing DML operations on specific tables) or executing
stored procedures.

I normally see enterprises create "groups" (usually based in business
function), grant permissions to the group itself, and then add users to
the group. Keeps management easier.

HTH,
Chris