On Unix and Linux, the database system uses special operating system groups, the support groups, to protect operating system resources from unauthorized access. Defining support groups is optional. We recommend that you define a separate support group for each database.
The system default for the name of the support group for a database is sdb<database_name>, for example sdbdemodb for database DEMODB . If you define a support group, you must include the special operating system user <sdb_user> in this group.
Operating system users who belong to the support group can execute support tasks without having to be a member of the <sdba_group> operating system group.
If there is a support group for a database, then the volumes receive the operating system group ID (GID) of the support group. Operating system users who belong to the support group can access the volumes directly, for diagnosis purposes, for example.
If you have defined a support group, but have not yet assigned any operating system users to it (empty support group), then operating system users cannot access the volumes directly.
If there is a support group for a database, then the user profile container also gets the GID of the support group. The user profile container is the file in which the DBM server manages its authorizations. For more information, see Database Administration, Configuration Files.
SAP MaxDB Security Guide, Data Storage Security