Users that do not have these two permissions will see the respective forms in IT Services category of Service Catalog (Submit Request menu item).
Perhaps most noticeably, All Users group by default does not have these permissions set, yet users in All Users group will still see Request Access to Network Share and Reset Password items.
In Service Catalog configuration, access to these two items is given by ServiceDesk.Services.Categories.It permissions as well as the specific permissions, so anyone who has access to IT Services category in Service Catalog will see these items.
Remove ServiceDesk.Services.Categories.It permissions entry from both of these Service Catalog Items.
Note that after removing these, you will need to add the permissions mentioned above to the user groups that do need access to these forms.
This issue has been addressed in ServiceDesk 8.0 and newer.