Would like to allow the use of the program IND$FILE to just a few choosen users, and for the rest of the users, render the program inaccessible in the ALL record.  Have tried to add a permit to the ALL record as:

  tss per(all) program(ind$file) access(none)

But this invariably returns an error message :

  TSS0210E  INVALID ACCESS KEYWORD 
  TSS0301I  PERMIT   FUNCTION FAILED, RETURN CODE =  4 

Release:  Top Secret r16.0

Normally, it is enough to just OWN the program resource IND$FILE, without any further permits, to render the program unusable for any acid that does not possess general bypasses such as NODSNCHK etc, or general permits.

So, by just owning the program, you should effectively have a general access denial to this program :

      TSS ADDTO(department-acid) PROGRAM(IND$FILE) 

You can also explicitly deny access to the program by this permission to the ALL record :

      TSS PERMIT(ALL) PROGRAM(IND$FILE) ACTION(DENY) 

or to force fail mode : 

      TSS PERMIT(ALL) PROGRAM(IND$FILE) ACTION(FAIL,DENY) 

If a specific acid would then require access to the program, you can grant it with :

      TSS PERMIT(acidname) PROGRAM(IND$FILE) 

Be aware that the above permission to use IND$FILE does not require an ACCESS keyword.