VIEW ANY DATABASE Permission
VIEW ANY DATABASE permission is a new, server-level permission. A login that is granted this permission can see metadata that describes all databases, regardless of whether the login owns or can actually use a particular database.
By default, the VIEW ANY DATABASE permission is granted to the public role. Therefore, by default, every user that connects to an instance of SQL Server 2005 can see all databases in the instance. To verify this behavior, run the following query:
SELECT l.name as grantee_name, p.state_desc, p.permission_name FROM sys.server_permissions AS p JOIN sys.server_principals AS l ON p.grantee_principal_id = l.principal_id WHERE permission_name = 'VIEW ANY DATABASE' ; GO
The metadata that describes the master and tempdb databases is always visible to public.
Members of the sysadmin fixed server role can always see all database metadata.
Database owners can always see rows in sys.databases for databases that they own.
Granting the CREATE DATABASE and ALTER ANY DATABASE permissions to a login confers access to the database metadata.
CREATE DATABASE permission is implicit to the dbcreator fixed server role.
If you grant CREATE DATABASE and ALTER ANY DATABASE permissions to a login and do not deny VIEW ANY DATABASE to the login, the login can see all rows in sys.databases.
To limit visibility to database metadata, deny a login the VIEW ANY DATABASE permission. After this permission is denied, a login can see only metadata for master, tempdb, and databases that the login owns.