Hello,
Let me start off by answering #4. At the current time there is no way to refresh the database from a scheduled task, the ability to do so is being considered for the future though.
For the other 3 questions my answer will be global to all of them. What we have done here and suggest doing is that you actually assign the following rights to users on the search database itself and do not set rights at the table level.
1) db_datareader = for users who only need to search (SELECT).
2) db_datawriter = for users to write to the tables in the database (INSERT).
3) db_ddladmin = for users who have to create tables (CREATE).
If a certain user only needs to run searches but will never rebuild the db_datareader is plenty. For those who have to rebuild, they need all 3 rights.
This will allow you to specify security at the database level. The users won't have access to any other databases that you may have and will then have control over the other search tables.