It sounds like your RACF is working as designed. From the RACF Command Language Reference
manual section 5.6:
RESTRICTED | NORESTRICTED
RESTRICTED Specifies that global access checking is bypassed when resource access checking is performed for the user, and neither ID(*) on the access list nor the UACC will allow access. The RESTRICTED.FILESYS.ACCESS profile in the UNIXPRIV class can also be used to bypass the z/OS UNIX other permission bits during file access checking for RESTRICTED users. Note: If your installation has profiles defined in the PROGRAM class, and the user ID with the RESTRICTED attribute needs to load programs covered by one or more of these profiles, the user ID must be put on the access list with EXECUTE or READ authority. NORESTRICTED Specifies that the user does not have the RESTRICTED attribute and access checking is performed the standard way including global access checking, ID(*), the UACC, and the z/OS UNIX 'other' permission bits as appropriate.