I completely agree with you, that definitely we'll have to compromise with security by setting Maximum Internet Access to Manager. This will be applicable in case the Web user is not being authenticated using SSL Client certificates, then we'll have to compromise to access the databases as Manager in order to modify the ACL from Web, whereas in other case there are some exception we can consider as below:
“If the Web user is being authenticated using SSL Client certificates, then the “Maximum Internet name & password access” field does NOT apply to them. These users have the full access granted to them in the ACL. In other words, if the access list says that they have “Manager” access, they truly have Manager access to the database and not the access specified in the “Maximum Internet name & password access” field.”
So, in this case hopefully we can very well use this tool without making any changes in Maximum Internet Access setting for the databases.
Here are some reference url's for the comments mentioned above:
I am yet to test the changes due to a little busy schedule, but I don't want others to stop if they can manage the settings above.
I will be more than happy to know if works well.