I thought I was insane...

What happens if you create a state, 'public', that sets a couple of permissions:

• Add portal content... reviewer = true
• Add Rich Document... reviewer = true

Now, you make a folder, 'about/', public, and those permissions will get set. You can check this by navigating to the 'about' folder in the zmi and looking under the security tab. All is good.

But suppose you go back and tweak your workflow a little, so that 'public' looks like this:

• Add portal content... reviewer = false

The folder's permissions don't match the state, of course. You can fix it two ways:

• Click the 'update security settings' button
• Transition the folder to another state and then back to 'public'.

Ahh, but it's not actually fixed. The new state changes the definition of 'Add portal content'. But because it no longer contains 'Add Rich Document', it leaves that as it was. Look at the settings for the folder directly and you'll see the 'Add Rich Document' permissions are still there.

Change them manually, or since this is just sample data anyway in your development sandbox, blow it all away and try again.