By default, security for all PublishingFileRepository item descriptors is defined as follows:

Principal

Access Privileges

ATG Content Administration roles:
  EPub-Super-Admin
  EPub-Admin
  EPub-Manager
  EPub-User

ACC groups:
  administrators-group

Read
Write
Create
Delete

ACC groups:
  everyone-group

Read

You can examine the secured repository definition file at this location:

<ATG10dir>/Publishing/base/config/atg/epub/file/publishingFileSecurity.xml

You can also access this file in the Dynamo Server Admin Component Browser, via the configurationFile property of the SecuredPublishingFileRepository component.