When a security product other than RACF is in use

Z Data Tools makes RACROUTE calls, with STATUS=ACCESS, to SAF FACILITY profiles:
  • FILEM.SAFAUDIT.** (only if the first call fails)
STATUS=ACCESS is specified because the RACROUTE call should not audit the call. The documentation in the z/OS® Security Server RACROUTE Macro Reference, in the description of RACROUTE REQUEST=AUTH,STATUS=ACCESS, states:
The request is simply to return the user's highest current access to the resource specified. Upon successful completion, the user's access is returned in the RACF® reason code. No auditing is done for this request.

When RACF is used, the STATUS=ACCESS request works as documented, and no security-related logging or abends are generated, even if you do not have access to the profile.

However, when non-RACF security products such as ACF2 are used, an S047 abend may be issued in response to the above RACROUTE request. These users should consult the product documentation and make changes accordingly.