Hi Tim,
what happens when you create a opendoc link to the css file and execute it on the browser?
Do you explicitly deny on specific rights? If yes, then it could be a collition of rights there. Go ahead and create a security query on CMC to find out which access level is setting an explicit deny there.
Best regards,
Victor