diff --git a/sympa-6.0.6/wwsympa/wwsympa.fcgi.in b/sympa-6.0.6/wwsympa/wwsympa.fcgi.in
index 023911b012e00c2a0dba8f5f595b28b9d37c996e..c1d0795ff6d343312f86dad621556312f926f1be 100644
--- a/sympa-6.0.6/wwsympa/wwsympa.fcgi.in
+++ b/sympa-6.0.6/wwsympa/wwsympa.fcgi.in
@@ -15998,6 +15998,10 @@ sub do_viewlogs {
 
 
 sub do_arc_manage {
+    unless (defined &check_authz('do_arc', 'web_archive.access')) {
+    	&report::reject_report_web('auth','access denied',{},$param->{'action'},$list);
+    	return undef;
+    }
     &wwslog('info', "do_arc_manage ($in{'list'})");
 
     my $search_base = $wwsconf->{'arc_path'}.'/'.$list->get_list_id();
@@ -16014,6 +16018,10 @@ sub do_arc_manage {
 
 ## create a zip file with archives from (list,month)
 sub do_arc_download {
+    unless (defined &check_authz('do_arc', 'web_archive.access')) {
+        &report::reject_report_web('auth','access denied',{},$param->{'action'},$list);
+        return undef;
+    }
     
     &wwslog('info', "do_arc_download ($in{'list'})");
     
@@ -16112,6 +16120,10 @@ sub do_arc_download {
 }
 
 sub do_arc_delete {
+    unless ($param->{'is_owner'}) {
+      &report::reject_report_web('auth','action_owner',{},$param->{'action'},$list);
+      return undef;
+    }
   
     my @abs_dirs;