Users who do not have the 'admin' role when navigating to a closed incident record, they don't have the ability to attach files. They don't see the attachment icon and when they drag and drop a file onto the form, the system throws the following message:
"File attachments not allowed"
This is caused by a Client Script which hides the attachment icon on the form.
Along with the Client Script mentioned above, there are two OOB ACL which stop WRITE access to closed incident records.
Follow the steps below and ensure you test thoroughly on a sub-production instance first:
You may find that after performing the ACL changes, your users now have access to modify fields on the form.
This is something you need to take into consideration and accommodate for, with either using more ACLs against fields or UI Policies.