Hi this is a feature request that would solve a loop hole that can lead to really big security issues. What we need is that the top most categories get set a default access level (which can be set in the backend.). For the moment the default access level is "Inherited" and there is no category from which it can inherit, meaning that it is set to PUBLIC without the user knowing it.
If you would get rid of the default being INHERITED that would make it way way easier for the end user. Just let us set a default category access level (I would choose REGISTERED) and then the user can choose from the frontend.