Index: filefield.module
===================================================================
RCS file: /cvs/drupal-contrib/contributions/modules/filefield/filefield.module,v
retrieving revision 1.162
diff -u -p -r1.162 filefield.module
--- filefield.module 4 Feb 2009 03:04:25 -0000 1.162
+++ filefield.module 17 Jun 2009 22:15:30 -0000
@@ -153,11 +153,10 @@ function filefield_file_download($file)
 }
 
 // So the overall field view permissions are not denied, but if access is
- // denied for a specific node containing the file, deny the download as well.
- // It's probably a little too restrictive, but I can't think of a
- // better way at the moment. Input appreciated.
+ // denied for all nodes containing the file, deny the download as well.
 // (And yeah, node access checks also include checking for 'access content'.)
 $nodes = array();
+ $denied = FALSE;
 foreach ($cck_files as $field_name => $field_files) {
 foreach ($field_files as $revision_id => $content) {
 // Checking separately for each revision is probably not the best idea -
@@ -166,13 +165,15 @@ function filefield_file_download($file)
 if (isset($nodes[$content['nid']])) {
 continue; // don't check the same node twice
 }
- $node = node_load($content['nid']);
- if (!node_access('view', $node)) {
+ if ($denied == FALSE && $node = node_load($nid) && node_access('view', $node)) {
 // You don't have permission to view the node this file is attached to.
- return -1;
+ $denied = TRUE;
 }
 $nodes[$content['nid']] = $node;
 }
+ if ($denied) {
+ return -1;
+ }
 }
 
 // Well I guess you can see this file.
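Review bot: The rewritten comment in the first hunk should spell out what the new policy means for access control, because "denied for all nodes" reverses the old rule, under which a single restricted node blocked the download. A file attached to both a restricted node and a viewable node now becomes downloadable through the viewable one. I would word the comment as `// Allow the download only if the user may view at least one node containing the file;` followed by `// a file shared with a restricted node stays reachable through any viewable node.` The function body starts before this hunk and continues after it.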
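Review bot: The new condition `$denied == FALSE && $node = node_load($nid) && node_access('view', $node)` in the second hunk does not do what the comment under it says. Because `&&` binds tighter than `=`, `$node` receives a boolean and `node_access()` runs on the previous iteration's value; `$nid` is not defined in the visible lines (the removed code used `$content['nid']`); and the `!` before `node_access()` was dropped, so the flag is set when viewing is allowed. A failed `node_load()` also leaves `$denied` FALSE, which lets the download through, and the `if ($denied)` return sits inside the outer loop, so it is decided per field rather than over all nodes. I would track a grant instead, initialised as `$granted = FALSE;` where the first hunk adds `$denied = FALSE;`, and decide once after both loops as shown below. The function starts and ends outside the hunk, so confirm how an empty `$cck_files` is handled earlier before making deny the default.

```php
      // … unchanged: skip nodes that were already checked …
      $node = node_load($content['nid']);
      $nodes[$content['nid']] = $node;
      // Fail closed: only a node that loads and passes node_access() grants the download.
      if ($node && node_access('view', $node)) {
        $granted = TRUE;
      }
    }
  }
  // Decide once, after every field and every node has been checked.
  if (!$granted) {
    return -1;
  }
```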