After discussing this situation with Eric Zenz, I found out we made a change in the 2007 release that makes it easier to manage who has access to your project’s team site.
In 2003, you had to be on a project’s team and assigned to a task to get access to a project’s team site. So, everyone wound up with a “Give Access” task on the project plan. This task, though, gave everyone on this task read/write access. To give someone read access, you had to set up these people manually. If the company had this SharePoint administration permission locked down, the PM had to ask the application administrator to add these “read only” people to the team site. Now multiply this request times 600 team sites and it can get to be quite a bit of maintenance.
In 2007, we made some improvements in this regard. Resources are automatically granted read access to the project’s team site when they are added to a project’s team via TeamBuilder. When a resource is assigned to a task on the plan, they automatically get contributor read/write access. This makes it easier for the Project Manager to provide wider access to the team site without having to learn WSS security administration or make life interesting for the application administrator.