Logged In: YES 
user_id=707416

Actually, I can think of a couple of use cases where
searches should not be public (e.g. searches for abusing
users where the query may be viewed by the person being
searched for).

I don't have a good solution to the key problem though.
Maybe we can use a unique key field formed from
the user who created the query and the name of the
query?

I think public and private searches should do most  of the
trick without trying to graft an entire ACL system onto
queries.

-- rouilj