Using the RESTRICTLOWPORTS parameter to control access to unreserved ports below port 1024

When the RESTRICTLOWPORTS parameter is specified on the UDPCONFIG or TCPCONFIG profile statements, an application cannot obtain a port in the range 1 - 1023 that has not been reserved by a PORT or PORTRANGE statement, unless the application is APF-authorized or has OMVS superuser [UID(0)] authority. z/OS® Communications Server client applications that need to bind to a low port are provided as APF-authorized.

Tip: When you configure the RESTRICTLOWPORTS parameter on the TCPCONFIG or UDPCONFIG profile statements, PORT UNRSV statements for the corresponding protocol control access only to unreserved ports above port 1023.