When logged in as the schema owner, I can run a query
select * from ALL_COL_COMMENTS WHERE TABLE_NAME LIKE 'BLEH_%';
And I can see all the tables and columns that I expect.
However, if I login as a different user, the same query will return some of those tables, but not all of them.
Why isn't ALL_COL_COMMENTS returning the same result set regardless of the user?
The owner is the same for all of these tables (the schema owner). The other user can see a subset of those tables in ALL_COL_COMMENTS, but as far as it is concerned the other tables don't exist.
This is a basic principle of security, which Oracle implements consistently - if you don't have any permissions on an object, as far as you're concerned, it doesn't exist. Divulging any information about it is a security breach under the principle of "a need to know basis", if you will.
The data dictionary is no different - if you don't have any permissions on the table, you shouldn't be able to query even structural information about it (e.g., as the data dictionary present). As far as you're concerned, there's no such table.