diff --git a/core/modules/field/field.module b/core/modules/field/field.module
index 2f3041c..d8e0274 100644
--- a/core/modules/field/field.module
+++ b/core/modules/field/field.module
@@ -959,6 +959,10 @@ function field_has_data($field) {
     ->fieldCondition($field)
     ->range(0, 1)
     ->count()
+    // Neutralize the 'entity_field_access' query tag added by
+    // field_sql_storage_field_storage_query(). The result cannot depend on the
+    // access grants of the current user.
+    ->addTag('DANGEROUS_NODE_ACCESS_OPT_OUT')
     ->execute();
 }
 
diff --git a/core/modules/field/modules/field_sql_storage/field_sql_storage.module b/core/modules/field/modules/field_sql_storage/field_sql_storage.module
index 14e5745..e9be2ca 100644
--- a/core/modules/field/modules/field_sql_storage/field_sql_storage.module
+++ b/core/modules/field/modules/field_sql_storage/field_sql_storage.module
@@ -515,7 +515,9 @@ function field_sql_storage_field_storage_query(EntityFieldQuery $query) {
     }
     else {
       $select_query = db_select($tablename, $table_alias);
-      $select_query->addTag('entity_field_access');
+      if (!isset($this->tags['DANGEROUS_NODE_ACCESS_OPT_OUT'])) {
+        $select_query->addTag('entity_field_access');
+      }
       $select_query->addMetaData('base_table', $tablename);
       $select_query->fields($table_alias, array('entity_type', 'entity_id', 'revision_id', 'bundle'));
       $field_base_table = $table_alias;
diff --git a/core/modules/node/node.test b/core/modules/node/node.test
index 1dbcaf3..058e0e7 100644
--- a/core/modules/node/node.test
+++ b/core/modules/node/node.test
@@ -2510,3 +2510,77 @@ class NodeAccessPagerTestCase extends DrupalWebTestCase {
     $this->assertNoRaw('page=2', t('No third page exists.'));
   }
 }
+
+/**
+ * Tests the interaction of the node access system with fields.
+ */
+class NodeAccessFieldTestCase extends NodeWebTestCase {
+
+  public static function getInfo() {
+    return array(
+      'name' => 'Node access and fields',
+      'description' => 'Tests the interaction of the node access system with fields.',
+      'group' => 'Node',
+    );
+  }
+
+  public function setUp() {
+    parent::setUp('node_access_test', 'field_ui');
+    node_access_rebuild();
+
+    // Create some users.
+    $this->admin_user = $this->drupalCreateUser(array('access content', 'bypass node access'));
+    $this->content_admin_user = $this->drupalCreateUser(array('access content', 'administer content types'));
+
+    // Add a custom field to the page content type.
+    $this->field_name = drupal_strtolower($this->randomName() . '_field_name');
+    $this->field = field_create_field(array('field_name' => $this->field_name, 'type' => 'text'));
+    $this->instance = field_create_instance(array(
+      'field_name' => $this->field_name,
+      'entity_type' => 'node',
+      'bundle' => 'page',
+    ));
+  }
+
+  /**
+   * Tests administering fields when node access is restricted.
+   */
+  function testNodeAccessAdministerField() {
+    // Create a page node.
+    $langcode = LANGUAGE_NOT_SPECIFIED;
+    $field_data = array();
+    $value = $field_data[$langcode][0]['value'] = $this->randomName();
+    $node = $this->drupalCreateNode(array($this->field_name => $field_data));
+
+    // Log in as the administrator and confirm that the field value is present.
+    $this->drupalLogin($this->admin_user);
+    $this->drupalGet("node/{$node->nid}");
+    $this->assertText($value, 'The saved field value is visible to an administrator.');
+
+    // Log in as the content admin and try to view the node.
+    $this->drupalLogin($this->content_admin_user);
+    $this->drupalGet("node/{$node->nid}");
+    $this->assertText('Access denied', 'Access is denied for the content admin.');
+
+    // Modify the field default as the content admin.
+    $edit = array();
+    $default = 'Sometimes words have two meanings';
+    $edit["{$this->field_name}[$langcode][0][value]"] = $default;
+    $this->drupalPost(
+      "admin/structure/types/manage/page/fields/{$this->field_name}",
+      $edit,
+      t('Save settings')
+    );
+
+    // Log in as the administrator.
+    $this->drupalLogin($this->admin_user);
+
+    // Confirm that the existing node still has the correct field value.
+    $this->drupalGet("node/{$node->nid}");
+    $this->assertText($value, 'The original field value is visible to an administrator.');
+
+    // Confirm that the new default value appears when creating a new node.
+    $this->drupalGet('node/add/page');
+    $this->assertRaw($default, 'The updated default value is displayed when creating a new node.');
+  }
+}