The problem is NCP permissions assigned to individual files, using say the normal NCP client, through normal file usage can frequently result in loss of the permissions when a file is edited by say a Windows application (does a copy on write), by using COW file system such as BTRFS, and by modifying files with Linux utilities.
This is particularly true when using the NSS file system.
This produces unsuspected loss of file access permissions, yet that loss is normally invisible to users unless they take extra steps to check after each and every file change operation. That is definitely not a good situation.
The solution is to modify the NCP client to allow setting access permissions on only directories, not individual files. That task is simple and does the needed chore. This also eliminates having to teach each and every user about this technical effect. Clear and easy to understand documentation would also help.