CA View requires update authority to initially access the database to save user profile information such as last access date and current access mode. UPDATE authority is also required to retain access information with respect to the last time a report was browsed or printed. Once the users gain access, their authority to perform online functions is controlled by the security rules that have been built.
In addition, you can secure the CA View database datasets from being accessed by other applications by using the SARXTD system extensions. By turning on the dataset security option in SARXTD, you can secure the View datasets so that only 'View' utilities can have access. All other non-View utilities will fail with a S913 if trying to access a dataset with the HLQ specified in the SARXTD parms.
To learn more about securing datasets in CA View using SARXTD, please refer to the section entitled SYSTEM EXTENSIONS (SARXTD) in Chapter 3 of the CA View System Reference Guide.