--- samba-3.0.28/source/posix_acls.c.orig	2007-11-21 12:58:01.000000000 +0900
+++ samba-3.0.28/source/posix_acls.c	2008-01-15 14:03:39.000000000 +0900
@@ -2281,14 +2281,25 @@ static BOOL current_user_in_group(gid_t 
  and 'dos filemode'
 ****************************************************************************/
 
-static BOOL acl_group_override(connection_struct *conn, gid_t prim_gid)
+static BOOL acl_group_override(connection_struct *conn, gid_t prim_gid, const char *fname)
 {
-	if ( (errno == EACCES || errno == EPERM) 
-		&& (lp_acl_group_control(SNUM(conn)) || lp_dos_filemode(SNUM(conn)))
-		&& current_user_in_group(prim_gid)) 
-	{
+	SMB_STRUCT_STAT sbuf;
+
+	ZERO_STRUCT(sbuf);
+
+	if ((errno != EPERM) && (errno != EACCES))
+		return False;
+
+	if (!lp_acl_group_control(SNUM(conn)) && !lp_dos_filemode(SNUM(conn)))
+		return False;
+
+	/* file group == user primary group */
+	if (current_user_in_group(prim_gid))
+		return True;
+
+	/* user has write permission */
+	if (can_write_to_file(conn, fname, &sbuf))
 		return True;
-	} 
 
 	return False;
 }
@@ -2476,7 +2487,7 @@ static BOOL set_canon_ace_list(files_str
 				*pacl_set_support = False;
 			}
 
-			if (acl_group_override(conn, prim_gid)) {
+			if (acl_group_override(conn, prim_gid, fsp->fsp_name)) {
 				int sret;
 
 				DEBUG(5,("set_canon_ace_list: acl group control on and current user in file %s primary group.\n",
@@ -2507,7 +2518,7 @@ static BOOL set_canon_ace_list(files_str
 				*pacl_set_support = False;
 			}
 
-			if (acl_group_override(conn, prim_gid)) {
+			if (acl_group_override(conn, prim_gid, fsp->fsp_name)) {
 				int sret;
 
 				DEBUG(5,("set_canon_ace_list: acl group control on and current user in file %s primary group.\n",
@@ -3469,7 +3480,7 @@ BOOL set_nt_acl(files_struct *fsp, uint3
 					if (SMB_VFS_SYS_ACL_DELETE_DEF_FILE(conn, fsp->fsp_name) == -1) {
 						int sret = -1;
 
-						if (acl_group_override(conn, sbuf.st_gid)) {
+						if (acl_group_override(conn, sbuf.st_gid, fsp->fsp_name)) {
 							DEBUG(5,("set_nt_acl: acl group control on and "
 								"current user in file %s primary group. Override delete_def_acl\n",
 								fsp->fsp_name ));
@@ -3516,7 +3527,7 @@ BOOL set_nt_acl(files_struct *fsp, uint3
 
 					if(SMB_VFS_CHMOD(conn,fsp->fsp_name, posix_perms) == -1) {
 						int sret = -1;
-						if (acl_group_override(conn, sbuf.st_gid)) {
+						if (acl_group_override(conn, sbuf.st_gid, fsp->fsp_name)) {
 							DEBUG(5,("set_nt_acl: acl group control on and "
 								"current user in file %s primary group. Override chmod\n",
 								fsp->fsp_name ));