Links to private posts in the Recent Comments widget return 404 for logged out users

[designsimply]

Expected: links shown in the recent comments widget to work for logged out users.

Observed: links to private posts return 404 for logged out users.

To reproduce:

1. Open a WordPress blog
2. Go to Appearance -> Widgets and add the Recent Comments widget
3. Create two posts and publish them: one private, one password-protected
4. Leave comments on each post
5. Go to Comments and make sure the new comments are approved
6. Clear cache and cookies or use an incognito window to view the blog
7. Result: Comments for both the password protected and the private post are visible in the Recent Comments widget. Clicking on the comment for the private post results in a 404 error. Clicking on the comment for the password-protected post results in asking for a password.

Tested in WPCOM latest and WPORG [17426].

I think it makes sense to leave comments for password-protected posts in the Recent Comments widget, but removing comments of private posts for users without rights to see them makes sense since they return a 404 otherwise.

Confirmed as a regression from 2.9 to 3.0. Original fix: r12333.

Broken when we went to get_comments().

Was pretty simple to replicate r12333 in get_comments().

Fixed initially in 2.9. Broken come 3.0. Too late for 3.1.

May as well throw a few other fields in there.

Also, should something be done to filter out password-protected posts?

Related: #15555

And #12904

(In [17667]) Allow retrieving comments by post type, status, author, author, name, or parent. Fetch only published posts for recent comments widget. Props filosofo. fixes #16506 #12904