When I create bio, I can edit the node through user/UID/bio. But at the same time it's also editable through node/NID/edit. This is not preferable since I use specific CSS to the form rendered by page-user.tpl. When it's accessible though normal page.tpl which doesn't include the custom CSS, the form looks different. Any customization lost and the user gets confused.
On the other hand and the worst part, anonymous users can still access the bio node through the node path (e.g: node/4), even though I don't allow them to access user profile. Is this a bug or the bio node is just a public node not intended to be restrictive by role?
Any workaround this? Thanks