Application security setup required

From Developer for z/OS® Version 7.5.1.1:
Until Version 7.5.1.1, if a user was not allowed explicit READ permit to the FEKAPPL profile in the APPL class, processing continued. In Version 7.5.1.1, this behavior changed, and a connection is now terminated if a user does not have an explicit permit to FEKAPPL. The client gets a clear error message when this happens.

Note: When implemented, RTC 22990 (logon fails on FEKAPPL check due to TSS bug, the explicit check for FEKAPPL is removed in Version 8.0.1.0, and Developer for z/OS relies on the judgment of RACF®. (RACF works the other way around: Explicit NONE permits are needed to refuse access.)
From Developer for z/OS Version 8.0.1.0:
As a bypass for a TSS bug, the explicit check for FEKAPPL is removed in Version 8.0.1.0, and Developer for z/OS relies on the judgment of RACF. (RACF works the other way around: Explicit NONE permits are needed to refuse access.)