Ravi S. Maniam mentions this in his blog post on Filestream. Looks like the physical files should just be available, from an NTFS security perspecitive, by the account that the SQL service is running under. Because my testing was done in a sandbox where the SQL service account did match my windows login account, it wasn't an issue for me when I opened my test file.

If you try to open the test file and are denied, this would be the reason. Sounds like a pretty decent security scheme as long as admins don't run around adding permissions to the filestream folder.