CA Log Analyzer for DB2 for z/OS (PLA) generates UNDO SQL for a table where a user does not have SELECT authorization. Is this by design?
PLA provides PARMLIB option SECURITY within the PLA member of hlq.CDBAPARM to control whether to use DB2 authorization to determine if the user has authority to review or use the data in the log for specific tables:
Y - Use DB2 authorization.
N - (Default) Do not use DB2 authorization.
To enforce DB2 security specify SECURITY (Y).