Security model

The security model is a combination of administrator privileges that are granted to users and groups, plus object privileges that are associated with specific objects (for example, table xyz) and classes of objects (for example, all tables).

As part of the model, any privilege that is granted to a database group is automatically granted to (that is, inherited by) all the users who are members of that group. Privileges are additive, which means that you cannot remove a privilege from a user who is granted that privilege as a consequence of being a member of a group.

Each object has an owner. Individual owners automatically have full access to their objects and do not require individual object privileges to manage them. The database owner, in addition, has full access to all objects within the database. The admin user owns all predefined objects and has full access to all administrative permissions and objects. For systems that support multiple schemas in a database, the schema owner has full access to all objects within the schema.