Information
The SYSCAT.ROLEAUTH view contains information on all roles and their respective grantees. It is recommended that the PUBLIC role be restricted from accessing this view.
Rationale:
PUBLIC should not have access to see the grants of the roles because this could be used as a point of exploit.
Solution
Perform the following to revoke access from PUBLIC.
Connect to the Db2 database.
db2 => connect to <dbname>
Run the following command:
db2 => REVOKE SELECT ON SYSCAT.ROLEAUTH FROM PUBLIC