diff --git a/src/builtin_functions.c b/src/builtin_functions.c
index 3b349d43938c9134a449381332e0ffbbf7908f37..7fbfb62966a40bae8e57913ed9faefba25f7336b 100644
--- a/src/builtin_functions.c
+++ b/src/builtin_functions.c
@@ -5,7 +5,7 @@
 \*/
 /**/
 #include "global.h"
-RCSID("$Id: builtin_functions.c,v 1.164 1999/03/26 23:40:53 grubba Exp $");
+RCSID("$Id: builtin_functions.c,v 1.165 1999/04/03 06:10:04 hubbe Exp $");
 #include "interpret.h"
 #include "svalue.h"
 #include "pike_macros.h"
@@ -1353,6 +1353,10 @@ void f_destruct(INT32 args)
 	   
     o=fp->current_object;
   }
+#ifdef PIKE_SECURITY
+  if(!CHECK_DATA_SECURITY(o, SECURITY_BIT_DESTRUCT))
+    error("Destruct permission denied.\n");
+#endif
   destruct(o);
   pop_n_elems(args);
 }
diff --git a/src/security.c b/src/security.c
index c251990199bf3e1bb710982bf54cc40810b2861e..b53ab152242089ceb2027088d2df9f08b62dce9d 100644
--- a/src/security.c
+++ b/src/security.c
@@ -4,10 +4,8 @@
  * controls for file->pipe()
  * controls for kill/create_process/signal
  * controls for all/most functions in the system module
- * controls for all/most functions in files/efun.c
  * controls for all/most functions in spider
  * controls for threads
- * controls for destruct
  */
 
 #ifdef PIKE_SECURITY
diff --git a/src/security.h b/src/security.h
index bfd99eb495e0567e647274725c4ab0898b250e75..26415fccdf66598091d49470e3f95d7562dbcde5 100644
--- a/src/security.h
+++ b/src/security.h
@@ -12,6 +12,7 @@
 #define SECURITY_BIT_SECURITY 8   /* Do anything :) */
 #define SECURITY_BIT_NOT_SETUID 16
 #define SECURITY_BIT_CONDITIONAL_IO 32
+#define SECURITY_BIT_DESTRUCT 64
 
 typedef unsigned char pike_security_bits;