Content managers has ability to edit global site ClientConfig settings

[NDruce]

Content managers has access to change values in ClientConfig, so they can, administer the site in some way. For example, access to global MODX settings is restrictable, so there is logic that ClientConfig has to be restrictable too. Please, fix access control to ClientConfig, because it can contain sensitive data that some roles of users must be denied to modify anyway and even see too.

[Mark-H]

There's #17 and #88 which request more granular permissions but I'm interested in your use case where CC contains settings that are considered sensitive.