I'm not 100% sure which one it is, but there are two permissions around editing tickets that I believe control the ability to access the Manage Type Types area you are referring to:
- The user will be able to edit all tickets regardless of type
- The user will be able to edit tickets for which they are primarily responsible
If I had to pick one, the most likely is the first about being able to edit all tickets regardless of type.
Are you seeing users without that permission on their ticketing application security role who can still see that Manage option to edit the time types on tickets?