Tac Lite config issue

Hi

I have a site where I want to have hierarchical access control to content.

So, I created a Taxonomy "Access Level" like this--

Level 4
--Level 3
----Level 2
------Level 1 (Registered)
--------Level 0 (Anonymous)

and have tagged all the content.

Then, I installed Tac_lite.

I have edited the preexisting content and submitted it... so that tables would update.

Authenticated User role is set to access Level 1 and Level 0; Anonymous only Level 0.

Well, in blogs for example, when I log out, the things which are set to Level 0 show up properly, tagged as Level 0. BUT, the things tagged as a higher level (say Level 2) show up WITHOUT a tag, but they DO show up.

If I sign in as a user with Level 2 they show up tagged as level 2.

I have set up devel_node_access and the problem posts show realm of Tac_lite but gid of 0; the others show a gid of 10. (is there documentation somewhere on what the devel_node_access numbers mean? I can't watch Dave Cohen's nice video from home because here I'm on 30k dialup... at the office I can but it's a long drive...)

What's up here?

BTW I set up the levels as a hierarchy above so that searches for higher levels would be inclusive of lower ones. But just in case I changed it so they all sit directly under root; didn't make a difference. It also doesn't matter whether it is old content or new; when I create new content it behaves the same way--it isn't restricted.

The permissions on Anonymous are to access content and comments btw.

Thanks if you can help.