The $id passed from ft_page_lookup to auth_quickaclcheck is terminated with a new-line character which messes up the regexp matching against the ACL list. The new-line comes from reading page.idx with file(). Its never removed. Namespace ACL rules should work, but exact page rules shouldn't.
Simple solution is to trim the id as its sent to auth_quickaclcheck(). I'll send a patch that does this.
If you want to try and reproduce the problem again to confirm its not specific to my setup, I believe the key is that the only ACL rule that has NONE access is a page specific rule.
The $pages array is mapped with rtrim() in the current code, so there shouldn't be any newlines left. Can you still reproduce this?