Contents Index Security warnings Example 1: User1 creates table1, and user2 creates view2 on table1

SQL Anywhere Studio Security Guide
  Restrictions and Other Security Concerns

Changing ownership on nested objects


This page describes operation of Adaptive Server Anywhere in a manner equivalent to a C2-security-certified configuration. It does not provide general-purpose information on the topic.

Views and procedures can access underlying objects that are owned by different users. For example, if usera, userb, userc, and userd were four different users, userd.viewd could be based on userc.viewc, which could be based on userb.viewb, which could be based on usera.table. Similarly for procedures, userd.procd could call userc.procc, which could call userb.procb, which could insert into usera.tablea.

The following Discretionary Access Control (DAC) rules apply to nested views and tables:

The following DAC rules apply to nested procedures:

Following are some examples that describe this behavior.


Example 1: User1 creates table1, and user2 creates view2 on table1
Example 2: User2 creates procedure2 that accesses table1
Example 3: User1 creates table1, user2 creates table2, and user3 creates view3 joining table1 and table2

Contents Index Security warnings Example 1: User1 creates table1, and user2 creates view2 on table1