Under certain circumstances, Views 3 seems not to honor access permissions as configured in "basic settings". The attached View has three displays (Default and two Page displays), and none should allow access for anonymous users. However, if an anon enters the defined path, het gets a page listing.
This is extremely strange since I cloned this view a couple of times, and with a slightly different configuration I get the expected "Please log in" screen for anons, when the URL path is accessd directly.
Both Views use relationships on different Flags, one display uses an argument, and one uses an additional reltionship on a 'Flag Note' (an contributed add-on module for Flags). Please adjust the issue queue accordingly if contributed modules have the potential to circumvent Views access permissions.
./admin/user/permissions, the "Access al Views" permission is unchecked for user role "Anonymous".