Setting Students can view ALL responses to NEVER does not prevent students from accessing the View All Responses report of a questionnaire. The setting seems to only remove the hyperlink from the student role and not prevent access.
This is a big security issue since, under certain scenarios, a student could easily figure out how to access the view all responses report without that hyperlink.
One example is if a course uses 2 types of questionnaires where 1 questionnaire View all responses is set to never and another questionnaire where View all responses is set to visible. It wouldn't take much for a student to figure out that changing the instance parameter from the questionnaire where view all responses is visible will take you to another questionnaire and the View all set to never will not restrict the student from viewing the report.
The security problem was first reported back in 2011 here https://moodle.org/mod/forum/discuss.php?d=166492.