• Introducing Dark Mode! Switch by clicking on the lightbulb icon next to Search or by clicking on Default style at the bottom left of the page!

Strange Issue with solution explorer security



We recently secured menu designed with the below entry in sec. workbench during a security review project-
User / Role Security Type Description Menu Design Menu Filtering Fast Path Documentation OMW Logging Favorites
*PUBLIC A Solution Explorer Security 1 3 0 0 0 3

But the access was available for SYSADMIN role, below entry for SYSADMIN role-

SYSADMIN A Solution Explorer Security 3 3 1 3 1 3

So menu designed was already enabled for the users as they were assigned this role(SYSADMIN) but as soon as the *PUBLIC record was added, they lost access to menu design and we had to explicitly give access to the user ids as below-
PSFT A Solution Explorer Security 3 3 1 3 1 3

I find that strange, the *PUBLIC record shouldn't affect the access already granted in the role right?

I mean am I wrong? isn't the hierarchy is User ID-ROLE-*Public???