1 files changed, 11 insertions, 1 deletions

diff --git a/source3/smbd/nttrans.c b/source3/smbd/nttrans.c
index 2bb2198574..d0d5ddf871 100644
--- a/source3/smbd/nttrans.c
+++ b/source3/smbd/nttrans.c
@@ -1340,11 +1340,21 @@ static int call_nt_transact_create(connection_struct *conn, char *inbuf, char *o
 		return set_bad_path_error(errno, bad_path, outbuf, ERRDOS,ERRbadpath);
 	}
     
+#if 0
+	/* This is the correct thing to do (check every time) but can_delete is
+	   expensive (it may have to read the parent directory permissions). So
+	   for now we're not doing it unless we have a strong hint the client
+	   is really going to delete this file. */
 	if (desired_access & DELETE_ACCESS) {
+#else
+	/* Setting FILE_SHARE_DELETE is the hint. */
+	if ((share_access & FILE_SHARE_DELETE) && (desired_access & DELETE_ACCESS)) {
+#endif
 		status = can_delete(conn, fname, file_attributes, bad_path, True);
 		/* We're only going to fail here if it's access denied, as that's the
 		   only error we care about for "can we delete this ?" questions. */
-		if (!NT_STATUS_IS_OK(status) && NT_STATUS_EQUAL(status,NT_STATUS_ACCESS_DENIED)) {
+		if (!NT_STATUS_IS_OK(status) && (NT_STATUS_EQUAL(status,NT_STATUS_ACCESS_DENIED) ||
+						 NT_STATUS_EQUAL(status,NT_STATUS_CANNOT_DELETE))) {
 			restore_case_semantics(conn, file_attributes);
 			END_PROFILE(SMBntcreateX);
 			return ERROR_NT(status);