SQL Anywhere Studio Security Guide
Keeping Your Data Secure
There are several security features you can set either when starting the database server or during server operation, including:
Starting and stopping databases By default, any user can start an extra database on a running server. The -gd
option allows you to limit access to this option to users with a certain level of permission in the database to which they are already connected. The permissible values include DBA, all, or none.
For more information, see -gd server option.
Creating and deleting databases By default, any user can use the CREATE DATABASE statement to create a database file. The -gu
option allows you to limit access to this option to users with a certain level of permission in the database to which they are connected. The permissible values include DBA, all, none, or utility_db.
For information, see -gu server option.
Stopping the server The dbstop utility stops a database server. It is useful in batch files, or in other cases where interactive stopping of the server (by clicking Shutdown on the server window) is impractical. By default, any user can run dbstop to shut down a server. The -gk
option allows you to limit access to this option to users with a certain level of permission in the database. The permissible values include DBA, all, or none.
For more information, see -gk server option.
Loading and unloading data The LOAD TABLE, UNLOAD TABLE, and UNLOAD statements all access the file system on the database server machine. If you are running the personal database server, you already have access to the file system and this is not a security issue. If you are running the network database server, unwarranted file system access may be a security issue. The -gl
option allows you to control the database permissions required to carry out loading and unloading of data. The permissible values are DBA, all, or none.
For more information, see -gl server option.
Encrypting client/server communications over the network For greater security, you can force client/server network communications to be encrypted as they pass over the network.
For more information, see Encrypting client/server communications.
Encrypting client/server communications