You can explicitly grant database privileges to users, roles, or databases. Users also gain other privileges without a formal grant. Before you decide which privileges to explicitly grant, make sure you understand the privileges users receive by other means.
| Privilege | Description |
|---|---|
| Implicit Privileges | |
| Ownership | Users who own permanent space have implicit (ownership) privileges on any object contained in the space they own, even if another user created the object. You can transfer ownership using the GIVE statement.
|
| Explicit privileges | |
| Automatic | When a user creates a database object, Database Engine 20 automatically grants privileges to:
|
| GRANT | You can grant privileges:
|
| Inherited | Privileges that a user acquires indirectly.
|
Some privileges cannot be acquired by indirect means and must be explicitly granted to a user, database, or role. For information, see Privileges.
The system logs automatic and explicit privileges in the same way. The way the privileges were acquired are indistinguishable. All privileges except implicit privileges are stored in the data dictionary in the DBC.AccessRights table, by each user.