I've just done some experimenting with editable displays in 1.6 and 1.7, and even if users have been marked as not having access to the base record type (e.g. researcher role on the demo server at demo.collectiveaccess.org), they can edit records that they should not be able to. Is there a simple access check that can be made before updating the field at least, or at least a flag for 'can use editable view' for the role?
This issue concerns type-based access control only?
I replicated it on your demo server, which doesn't have type-based access control. I created a user and put them in the researcher role, logged in as that user and managed to change simple attribute values and intrinsics. Pop-up fields were not editable. Will test again in a bit as I'm not sure what field-level access control existed for researcher (they didn't have the action permissions for objects other than searching and browsing).
On testing in 1.6.1 I now cannot replicate it there, but I can still replicate this in 1.7-dev (the demo server). I created a user with the 'researcher' role on demo.collectiveaccess.org. Additionally I updated the researcher role and turned field access to 'read only' for all record types, and still managed to change object titles. For example see: http://demo.collectiveaccess.org/find/SearchObjects/Index/search/lighthouse (presuming the database hasn't been reset).
Fixes for 1.7 are in GitHub/develop. They work for me in my testing. Let me know how they work for you. Thanks.