I think I figured it out for myself. Perhaps there's a better way, but I changed the template section responsible for building the rows in the file/folder list. Basically, I surrounded each piece of the list with:
{.if|{.and|{.get|can access.}|{.length|%user%.}.}| ... .}
I.e., I only add a piece to the list if a user is logged in ({.length|%user%.}) and if the user can access the folder/file ({.get|can access.}).
The full section of list-building code now looks like this (new code in
blue):
[file=folder=link|private]
{.if|{.and|{.get|can access.}|{.length|%user%.}.}|
<tr class='{.if|{.mod|{.count|row.}|2.}|even.}'><td>
<input type='checkbox' class='selector' name='selection' value="%item-url%" {.if not|{.or|{.get|can delete.}|{.get|can access.}|{.get|can archive item.}.}|disabled='disabled'.} />
{.if|{.get|is new.}|<span class='flag'> NEW </span>.}
{.if not|{.get|can access.}|<img src='/~img_lock'>.}
<a href="%item-url%"><img src="%item-icon%"> %item-name%</a>
{.if| {.length|{.?search.}.} |{:{.123 if 2|<div class='item-folder'>{.!item folder.} |{.breadcrumbs|{:<a href="%bread-url%">%bread-name%/</a>:}|from={.count substring|/|%folder%.}/breadcrumbs.}|</div>.}:} .}
{.123 if 2|<div class='comment'>|{.commentNL|%item-comment%.}|</div>.}.}
[+file]
{.if|{.and|{.get|can access.}|{.length|%user%.}.}|<td>%item-size%B<td>%item-modified%<td>%item-dl-count%.}
[+folder]
{.if|{.and|{.get|can access.}|{.length|%user%.}.}|<td class='nosize'>folder<td>%item-modified%<td>%item-dl-count%.}
[+link]
{.if|{.and|{.get|can access.}|{.length|%user%.}.}|<td class='nosize'>link<td colspan='2'>.}
(Note the change in red
altered the display so the lock symbol only appears next to things the user
doesn't have access to. But this change was mooted by the larger change - since things the user can't access aren't displayed at all!)
A minor issue with this mod is that the code that colors even/odd rows differently (<tr class='{.if|{.mod|{.count|row.}|2.}|even.}'>) references the count within the total file/folder list, not the list filtered by whether the user has access or not. As a result, the list's rows don't alternate colors as intended.
If anyone sees a reason why this won't fly, or if anyone knows of a better way to accomplish the desired behavior, please let me know.