SELECT ENV('os.name') || ' ' || ENV('os.version') || ' ' || ENV('java.home') returns the details of the server, which from the client perspective is a security risk. This information is even visible by a user with no access to any tables. Client is looking to have this disabled, or have the ability to disable it.