While working on SharePoint projects, i have often tumbled across these common issues:
1) Masking the user’s email and other details.
2) The restrictive read access for lists that would prevent anonymous users to see the all items page but it will allow a webpart running in anonymous context to read the list items.
A possible solution for this is as follows:
1) User email details – disable the page – add a webpart or a handler that redirects the req. (this is my understanding of the only way this can be done)
2) Restrictive read – make sure you used the publishing template and make sure this is active:
Use lockdown mode:
Lockdown mode is a feature that you can use to secure published sites. When lockdown mode is turned on, fine-grain permissions for the limited access permission level are reduced. The following table details the default permissions of the limited access permission level and the reduced permissions when lockdown mode is turned on - Read more here...