ID Number: Q75291
1.10 1.11 4.20
OS/2
Summary:
The GUEST username in the master database is necessary for users
(other than the system administrator) to log in and should not be
removed. If it is removed, a user who does not have an account in the
master database can no longer log in to the server. This is the case
even if the user has an account in a default database other than the
master.
Because the GUEST username should not be removed, there is no way to
physically restrict users from the master database. That is, they can
still execute the USE MASTER command. However, if the users do not
have an account in the master database, they are given access under
the GUEST username. To restrict users from accessing or viewing
objects, revoke privileges such as SELECT and EXECUTE from the PUBLIC
group, of which GUEST is a member.
Additional reference words: 1.10 1.11 4.20 Security and permissions