Team Foundation Server - Why can all valid users see all Team Projects?
For TFS2005 this question is valid, because the group Team Foundation Valid Users has the right to View project-level information on Team Projects by default as shown:
To work around this security issue, deselect the View project-level information option when creating Team Projects.
For TFS2008 this question seems to have vaporised, because by default the group Team Foundation Valid Users does not appear as shown:
I for one was not aware that this issue fizzled out with TSF2008 ... until Etienne mentioned the problem today and I had a peek at our TFS2005 and TFS2008 servers back home.