diff --git a/livesupport/modules/htmlUI/var/ui_handler.class.php b/livesupport/modules/htmlUI/var/ui_handler.class.php
index 12539ae85..933c1f0d9 100644
--- a/livesupport/modules/htmlUI/var/ui_handler.class.php
+++ b/livesupport/modules/htmlUI/var/ui_handler.class.php
@@ -530,8 +530,11 @@ class uiHandler extends uiBase {
*/
function addPerm($subj, $permAction, $id, $allowDeny)
{
- #if($this->gb->checkPerm($this->userid, 'editPerms', $id)){
- if (PEAR::isError($this->gb->addPerm($subj, $permAction, $id, $allowDeny))) {
+ if (PEAR::isError(
+ $this->gb->addPerm(
+ $this->sessid, $subj, $permAction, $id, $allowDeny
+ )
+ )) {
$this->_retMsg('Access denied.');
return FALSE;
}
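Review bot: Every `PEAR_Error` returned by `$this->gb->addPerm(...)` is reported as 'Access denied.', so a storage or lookup failure looks the same to the user and the operator as a real `editPerms` refusal; the `removePerm` hunk below has the same shape. Keep the result in a variable, `$res = $this->gb->addPerm($this->sessid, $subj, $permAction, $id, $allowDeny);`, and record `$res->getMessage()` server-side before returning FALSE, so denied attempts can be told apart from backend faults. In `removePerm($permid, $oid)` the `$oid` parameter is no longer used in the visible lines. Both function bodies continue outside their hunks.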
@@ -549,8 +552,7 @@ class uiHandler extends uiBase {
*/
function removePerm($permid, $oid)
{
- #if($this->gb->checkPerm($this->userid, 'editPerms', $oid))
- if (PEAR::isError($this->gb->removePerm($permid))) {
+ if (PEAR::isError($this->gb->removePerm($this->sessid, $permid))) {
$this->_retMsg('Access denied.');
return FALSE;
}
diff --git a/livesupport/modules/storageServer/var/GreenBox.php b/livesupport/modules/storageServer/var/GreenBox.php
index f3b09a2fe..8f24d261c 100644
--- a/livesupport/modules/storageServer/var/GreenBox.php
+++ b/livesupport/modules/storageServer/var/GreenBox.php
@@ -23,7 +23,7 @@
Author : $Author: tomas $
- Version : $Revision: 1.56 $
+ Version : $Revision: 1.57 $
Location : $Source: /home/paul/cvs2svn-livesupport/newcvsrepo/livesupport/modules/storageServer/var/GreenBox.php,v $
------------------------------------------------------------------------------*/
@@ -35,7 +35,7 @@ require_once "BasicStor.php";
* LiveSupport file storage module
*
* @author $Author: tomas $
- * @version $Revision: 1.56 $
+ * @version $Revision: 1.57 $
* @see BasicStor
*/
class GreenBox extends BasicStor{
@@ -867,5 +867,46 @@ class GreenBox extends BasicStor{
return $pa;
}
+ /**
+ * Insert permission record
+ *
+ * @param sessid string, session id
+ * @param sid int - local user/group id
+ * @param action string
+ * @param oid int - local object id
+ * @param type char - 'A'|'D' (allow/deny)
+ * @return int - local permission id
+ */
+ function addPerm($sessid, $sid, $action, $oid, $type='A')
+ {
+ $parid = $this->getParent($oid);
+ if(($res = $this->_authorize('editPerms', $parid, $sessid)) !== TRUE){
+ return $res;
+ }
+ return parent::addPerm($sid, $action, $oid, $type);
+ }
+
+ /**
+ * Remove permission record
+ *
+ * @param sessid string, session id
+ * @param permid int OPT - local permission id
+ * @param subj int OPT - local user/group id
+ * @param obj int OPT - local object id
+ * @return boolean/error
+ */
+ function removePerm($sessid, $permid=NULL, $subj=NULL, $obj=NULL)
+ {
+ $oid = $this->_getPermOid($permid);
+ if(PEAR::isError($oid)) return $oid;
+ if(!is_null($oid)){
+ $parid = $this->getParent($oid);
+ if(($res = $this->_authorize('editPerms', $parid, $sessid)) !== TRUE)
+ return $res;
+ }
+ $res = parent::removePerm($permid, $subj, $obj);
+ return $res;
+ }
+
}
?>
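Review bot: In `removePerm` the `editPerms` check runs only when `_getPermOid($permid)` returns a non-NULL object id, so a call with `$permid` NULL (documented as optional) or with a permid that resolves to no object goes straight to `parent::removePerm($permid, $subj, $obj)` with no authorization. The gbHttp.php `removePerm` case passes `$_REQUEST['permid']` through unvalidated, so a request without that parameter appears to take this path. Fall back to the target object and fail closed when none is known: `if(is_null($oid)) $oid = $obj;` followed by `if(is_null($oid)) return PEAR::raiseError('removePerm: no object to authorize against');`. In both new methods the result of `getParent($oid)` is also passed to `_authorize` without a `PEAR::isError` check; what `_authorize` does with an error object or a root object's missing parent is not visible here and should be confirmed.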
diff --git a/livesupport/modules/storageServer/var/html/gbHttp.php b/livesupport/modules/storageServer/var/html/gbHttp.php
index 62ef225f0..ba3bc938a 100644
--- a/livesupport/modules/storageServer/var/html/gbHttp.php
+++ b/livesupport/modules/storageServer/var/html/gbHttp.php
@@ -23,7 +23,7 @@
Author : $Author: tomas $
- Version : $Revision: 1.16 $
+ Version : $Revision: 1.17 $
Location : $ $
------------------------------------------------------------------------------*/
@@ -33,7 +33,7 @@ require_once"gbHtml_h.php";
* storageServer WWW-form interface
*
* @author $Author: tomas $
- * @version $Revision: 1.16 $
+ * @version $Revision: 1.17 $
* @see Alib
* @see GreenBox
*/
@@ -363,13 +363,8 @@ switch($_REQUEST['act']){
* @param allowDeny char, A or D
*/
case"addPerm";
- $parid = $gb->getParent($_REQUEST['oid']);
$redirUrl="gbHtmlPerms.php?id=$id";
- if(!$gb->checkPerm($userid, 'editPerms', $parid)){
- $_SESSION['alertMsg']='Access denied.';
- break;
- }
- $res = $gb->addPerm($_REQUEST['subj'], $_REQUEST['permAction'],
+ $res = $gb->addPerm($sessid, $_REQUEST['subj'], $_REQUEST['permAction'],
$_REQUEST['id'], $_REQUEST['allowDeny']);
if($dbc->isError($res)){
$_SESSION['alertMsg'] = $res->getMessage()." (".$res->getCode().")";
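Review bot: The `addPerm` case reads `subj`, `permAction`, `id` and `allowDeny` from `$_REQUEST`, so a permission grant can be triggered by a plain GET, and no anti-forgery token check is visible in this hunk; the `removePerm` case below is the same. If no token is verified earlier in the script, take these values from `$_POST` and verify a per-session token before the `switch`. The docblock limits `allowDeny` to A or D but the value is passed on unchecked; `$type = ($_REQUEST['allowDeny'] === 'D') ? 'D' : 'A';` would pin it before the call. The `if($dbc->isError($res))` block continues outside the hunk.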
@@ -383,10 +378,10 @@ switch($_REQUEST['act']){
* @param permid int, local id of permission record
*/
case"removePerm";
- $parid = $gb->getParent($_REQUEST['oid']);
- if($gb->checkPerm($userid, 'editPerms', $parid))
- $gb->removePerm($_REQUEST['permid']);
- else $_SESSION['alertMsg']='Access denied.';
+ $res = $gb->removePerm($sessid, $_REQUEST['permid']);
+ if($dbc->isError($res)){
+ $_SESSION['alertMsg'] = $res->getMessage()." (".$res->getCode().")";
+ }
$redirUrl="gbHtmlPerms.php?id=$id";
break;