On the Access rights tab, which is present when you have selected a new or existing database definition, you determine the access rights for this database table and the objects in it, to restrict access to records, dependent on the user (login name in Windows) and its assigned role. You can also set default access rights for all saved searches (aka pointer files) together specific to this database table; default pointer file access rights for a specific role do not take effect in application data sources for which pointer file methods with any access rights for the same role have been specified.
Click here for information on how to edit properties in general. On the current tab you'll find the following settings:

Access

Here you may define which Roles have which Access rights to this database table, its datasets and fields. You can indicate for each role whether no access (None), Read access, Write access or Full access must apply. If a role is not linked to this database, then each user linked to that role has full access by default. A user without a role always has full access.
Users are assigned to roles in the application setup.

Default pointer file (saved search) access rights

Here you may define which Roles have which default Access rights to individual saved searches for this database table: this setting is independent from the Access setting for the database as a whole above. You can indicate for each role whether no access (None), Read access, Write access or Full access must apply. If a role is not linked to this database, then each user linked to that role has full access by default. A user without a role always has full access. Users are assigned to roles in the application setup. Individual saved searches for which no access rights have been specified, are visible to everyone. If a user wants their saved search to be private, they should set the $REST access to None. $REST in this case means “everyone but the owner and $ADMIN”. $REST = None means that new saved searches are invisible to anyone but the owner. The owner of a saved search always has access to his or her own saved search.
New saved searches will actually be assigned these default access rights, so in their properties you can view them (or remove them). Note that the access rights you set here, only apply to saved searches created from now on: existing saved searches are not affected!

If you also specify access rights to a pointer file method in a data source of an application, then realize that those access rights only apply to whether the saved searches functionality will be visible and usable in Collections, not to individual saved searches.

See also

Security in Collections