Given the following entries with regards a specific resource (f.i: perspective) in the default security-policy.properties configuration:

default.permission.perspective.read.DataSetAuthoringPerspective=false

If an user removes the denied item from the security settings UI, the changes are applied ok. However, if the user logout/login again, the same entry appears as denied again. See video permission_not_persisted.mp4

The same issue can be reproduced with any resource type, perspectives, editors, etc. The solely condition required is that the overall read permission is granted by default and denied to specific items as part of the default security policy configuration.