It seems that setting a passcode on your iPhone may not prevent access to all of the phone's features and information. A newly discovered security flaw in iOS 5.0.1 will allow access to the phone's contact list as well as some calling features.
The bug was discovered by iPhoneislam who posted a video of the process on YouTube showing what it allows access to. The hack takes a bit of work but it doesn't require anything more intense than knowing where the SIM card on the iPhone is and the phone number of the phone you are trying to break into.
The general process involves inserting and removing the SIM card for the iPhone while also trying to call the device. It seems after having the SIM pulled a number of times and having a slew of missed calls the phone allows access to the contacts list as well as the phone app. From the video, this seems a little finicky to pull off and it requires that the person trying to break into the iPhone either knows the phone number of the phone in question or just happens to keep a spare SIM card handy for this purpose.
iPhoneislam is calling this security flaw "major." I'm personally inclined to disagree. It requires a good deal of patience, physical access to the phone, and either knowledge of the phone number or a spare SIM. All of that seems like a lot of work to get access to the phone app and contacts list on the device.
It stands to reason that Apple would be able to address this issue in time to clean it up with the release of iOS 5.1. Until then it's probably best to avoid leaving your phone on the bar and instead stick to keeping it in your pocket.
