diff --git a/bin/addons/base/ir/ir.xml b/bin/addons/base/ir/ir.xml
index 049b229ae87..b23e870e417 100644
--- a/bin/addons/base/ir/ir.xml
+++ b/bin/addons/base/ir/ir.xml
@@ -639,6 +639,7 @@
 				<field name="perm_read"/>
 				<field name="perm_write"/>
 				<field name="perm_create"/>
+				<field name="perm_unlink"/>
 			</form>
 		</field>
 	</record>
diff --git a/bin/addons/base/ir/ir_model.py b/bin/addons/base/ir/ir_model.py
index 02f7b6ca21c..ad08ec81f0a 100644
--- a/bin/addons/base/ir/ir_model.py
+++ b/bin/addons/base/ir/ir_model.py
@@ -84,9 +84,10 @@ class ir_model_access(osv.osv):
 		'perm_read': fields.boolean('Read Access'),
 		'perm_write': fields.boolean('Write Access'),
 		'perm_create': fields.boolean('Create Access'),
+		'perm_unlink': fields.boolean('Delete Permission'),
 	}
 	def check(self, cr, uid, model_name, mode='read'):
-		assert mode in ['read','write','create'], 'Invalid access mode for security'
+		assert mode in ['read','write','create','unlink'], 'Invalid access mode for security'
 
 		# fetch the list of rules for this "permission type" on this model
 		cr.execute('select group_id, perm_'+mode+' from ir_model_access a left join ir_model m on (a.model_id=m.id) where m.model=%s', (model_name,))
diff --git a/bin/osv/orm.py b/bin/osv/orm.py
index 17f9fc2c285..d33e8766f7a 100644
--- a/bin/osv/orm.py
+++ b/bin/osv/orm.py
@@ -779,9 +779,7 @@ class orm(object):
 		return res
 
 	def unlink(self, cr, uid, ids, context={}):
-#CHECKME: wouldn't it be better to check for the write access instead of create?
-#or alternatively, create a new 'delete' permission
-		self.pool.get('ir.model.access').check(cr, uid, self._name, 'create')
+		self.pool.get('ir.model.access').check(cr, uid, self._name, 'unlink')
 		if not len(ids):
 			return True
 		wf_service = netsvc.LocalService("workflow")