In an e-conversation I had with Sue Hanley last week, she alerted me to a potentially troublesome situation involving documents that are checked-out on upload. Only the author can see these documents; even the Site Collection Administrator (and in fact even the System Account) does not have rights to see them - so to all other users of a site, they do not appear. She describes this scenario in detail in this blog post, which I highly recommend reading, and I want to emphasize that for anyone using site collections as collaborative client extranets, if the right conditions are met, your internal users will not see documents uploaded by the client, and vice versa, unless the uploader knows to check them in.
Sue and I agreed this could be better handled, and I've added this to my wishlist for the next release, in the Security/Permissions section.
