-20264 FOR TABLE table-name, primary-auth-id WITH SECURITY LABEL primary-auth-id-seclabel IS NOT AUTHORIZED TO PERFORM operation ON A ROW WITH SECURITY LABEL row-seclabel. THE RECORD IDENTIFIER (RID) OF THIS ROW IS rid-number.
Explanation
primary-auth-id attempted an MLS READWRITE operation on a row without having the proper Multilevel Security (MLS) authorization. The RID identifies this row.
The RID might be *N when a RID identifier is not available for the row.
System action
The operation that was attempted could not be performed.
Programmer response
If this user is authorized to perform this operation, ensure that this user has been properly defined to MLS. If the row data needs to be viewed, use DSN1PRINT.
In the case of a view or cursor, where the primary authorization ID is able to access more rows than it can update or delete, you can add the WHERE clause to limit the rows accessed, based on the security label of the primary authorization ID. The security label can be retrieved using GETVARIABLE(SYSIBM.SECLABEL).
SQLSTATE
42512