Every published assessment has a PAU (published assessment url) created for it. If an unauthorized user tries to take an assessment by using the url, they should get a 'permission denied' message and be returned to the Sakai portal page. Right now, anyone can see and take the assessment using the PAU, although their answers are not saved.
Example assessment: 3.11 Marith Open (released to 1 site only, not to anonymous or authenticated users)
Log into any Sakai account with a student role (student1/student1 will work) and then paste that URL into your browser. You should be able to take the assessment even though you're not a member of the site it is released to.
However, if you click "Submit for Grading" you get a blank page; if you click "Save and Exit" you get a sort of blank assessment page (see attached image 3.14saveandexit).