With patch from March 12, 2010 ! (http://drupal.org/node/431776) it is no longer possible to run cron as authenticated user as described in Running cron as an authenticated user. Every cron call is forced to run as anonymous user:
function drupal_cron_run() // Force the current user to anonymous to ensure consistent permissions on // cron runs. $original_user = $GLOBALS['user']; $GLOBALS['user'] = drupal_anonymous_user();
I confirm the comment Each module that implements hook_cron must handle access. I wonder nobody else reported this problem before - for such a long time. Maybe I'm blind but I haven't yet found a solution for this.