There's not way to enforce limits as an issuer. Trust line limits are fully controlled by the holder.
I agree with you that it would be very useful to let assets w/ AUTH_REQUIRED have that control, and let
changeTrust
operations that tries to increase limits simply fail.