I have a Sharepoint site (MOSS 2007 SP2) that all domain users seem to have read access to even if I remove all user permissions to the site. I have no problem granting users all levels of permissions. For example, I can grant userA full access to my site, but when I remove the user completely from the site they still have read access.
This is actually a subsite that does not inherit permissions from the parent. THis subsite also has subsites that either inherit or dont inherit permissions. Either way, the issue seems to exist on all subsites of the affected site.
What makes this even stranger is that if I run a sql query to show who has access to a site it displays the same users that are listed on the permissions page for the site. For example, I give a user "read" access to the site then run the query, that user will appear in the query results as having "read" access. Then I remove the user from the site permissions page and run the query again, that user is gone from the query results and the permissions page, but they still have "read" access to the site.
All users seem to have "read" access to this site and all its subsites even if they were never granted permissions to the site.Recently, I installed a microsoft security patch that fixes a known issue caused by installing SP2. This is a link to that issue and the patch that fixes it http://support.microsoft.com/kb/971620/ I am not sure if installing that patch was the cause of the issue. But if it is why would it affect just that particular subsite and its decendants? Has anyone encountered anything like this before?