That is correct. These two shares are integral to windows logins and login scripts working. They are supposed to be visible to clients. Basically, don’t put anything in there that isn’t supposed to be readable by everyone.
These are also the shares that are used by domain controllers for replication of Group policy information and such.
I can’t stress enough, you <i><b>NEED </b></i>these shares.
the default permissions for both shares is read for all users, ntfs is read and execute. as long as you aren’t using these shares for anything else, this shouldn’t cause you any problems.