ok, done, thank u, now i am trying to explore the adaptive server logins, database user and managing user permission. but i got 1 problem, i do not know how to grant all object permission to the new user ( not the dbowner).so, should i change the dbowner in order to grant all the permission?
No leave the dbowner as is, that should be a special "owner", often sa or some non-human.
You need to learn basic SQL, which is the language used to administer and manage the server and the dbs, plus the Sybase-specific extensions. The command is grant select on table to user.
But that's just answering your simple question. You need to think about and set up a security model, so that you are not doing simple low-level grants all the time. The standard is:
- do not use Groups, they are deprecated
- no grants directly to Users
- all grants to Roles, and then grant Roles to Users
- all transactions in stored procs
- no grant insert/update/delete to Users or Roles
- grant exec on selected procs to Roles (which means all insert/update/deletes are forced to be transactional and users cannot directly update the tables non-transactionally, eg. via MS Excel)
- grant select, references to Roles
--- for a corp that has tight internal security, you can grant select, references to public
- no aliases
ANything less that that and you will have (a) more manual labour administering the grant/revokes and (b) security holes in your database.