--- user\user.module	2007-12-06 14:49:14.000000000 -0500
+++ user.module	2007-12-19 23:02:52.281250000 -0500
@@ -375,7 +375,13 @@ function user_access($string, $account =
   // To reduce the number of SQL queries, we cache the user's permissions
   // in a static variable.
   if (!isset($perm[$account->uid])) {
-    $rids = array_keys($account->roles);
+    // If no roles yet, use anonymous?
+    if (empty($account->roles)) {
+      $rids = array(1);
+    }
+    else {
+      $rids = array_keys($account->roles);
+    }
     $placeholders = implode(',', array_fill(0, count($rids), '%d'));
     $result = db_query("SELECT DISTINCT(p.perm) FROM {role} r INNER JOIN {permission} p ON p.rid = r.rid WHERE r.rid IN ($placeholders)", $rids);
     $perm[$account->uid] = '';