The system does not allow APF-authorized programs to use some resources that programs running in supervisor state or PSW key 0-7 are allowed to use. For example, certain macro keywords are restricted to programs running in supervisor state or PSW key 0-7. Programs that are APF-authorized, but not running in supervisor state or with PSW key 0-7, cannot use these keywords when invoking the associated macros.
Any user can submit a job that runs an authorized program. To restrict a program to an individual user or a group of users, you can use library security facilities to place the program in a library (other than SYS1.LINKLIB, SYS1.SVCLIB, or a library in the LPALST) that is protected by a security product such as RACF®. If a program is an APF-authorized program, it must reside in a library that is in the APF list or in the link pack area (pageable LPA, modified LPA, fixed LPA, or dynamic LPA).