diff --git a/frappe/core/doctype/docperm/docperm.json b/frappe/core/doctype/docperm/docperm.json
index ebcd67e301..f4a46de3ce 100644
--- a/frappe/core/doctype/docperm/docperm.json
+++ b/frappe/core/doctype/docperm/docperm.json
@@ -66,13 +66,6 @@
    "search_index": 0, 
    "width": "32px"
   }, 
-  {
-   "description": "Only restricted users can access", 
-   "fieldname": "restricted", 
-   "fieldtype": "Check", 
-   "label": "Only Restricted Documents", 
-   "permlevel": 0
-  }, 
   {
    "fieldname": "write", 
    "fieldtype": "Check", 
@@ -177,11 +170,6 @@
    "label": "Import", 
    "permlevel": 0
   }, 
-  {
-   "fieldname": "column_break_19", 
-   "fieldtype": "Column Break", 
-   "permlevel": 0
-  }, 
   {
    "fieldname": "print", 
    "fieldtype": "Check", 
@@ -194,11 +182,23 @@
    "label": "Email", 
    "permlevel": 0
   }, 
+  {
+   "fieldname": "column_break_19", 
+   "fieldtype": "Column Break", 
+   "permlevel": 0
+  }, 
+  {
+   "description": "Only restricted users can access", 
+   "fieldname": "restricted", 
+   "fieldtype": "Check", 
+   "label": "Only Restricted Documents", 
+   "permlevel": 0
+  }, 
   {
    "description": "This role can restrict users for accessing the record.", 
    "fieldname": "restrict", 
    "fieldtype": "Check", 
-   "label": "Can Restrict", 
+   "label": "Can Restrict Others", 
    "permlevel": 0
   }
  ], 
@@ -207,7 +207,7 @@
  "idx": 1, 
  "issingle": 0, 
  "istable": 1, 
- "modified": "2014-04-30 00:31:21.598463", 
+ "modified": "2014-05-01 05:20:48.162224", 
  "modified_by": "Administrator", 
  "module": "Core", 
  "name": "DocPerm", 
diff --git a/frappe/core/doctype/doctype/doctype.json b/frappe/core/doctype/doctype/doctype.json
index 74aae24b4b..9b89f80b18 100644
--- a/frappe/core/doctype/doctype/doctype.json
+++ b/frappe/core/doctype/doctype/doctype.json
@@ -162,12 +162,25 @@
    "search_index": 0
   }, 
   {
+   "fieldname": "description", 
+   "fieldtype": "Small Text", 
+   "hidden": 0, 
+   "label": "Description", 
+   "oldfieldname": "description", 
+   "oldfieldtype": "Text", 
+   "permlevel": 0, 
+   "reqd": 0, 
+   "search_index": 0
+  }, 
+  {
+   "depends_on": "eval:!doc.istable", 
    "fieldname": "sb2", 
    "fieldtype": "Section Break", 
    "label": "Permission Rules", 
    "permlevel": 0
   }, 
   {
+   "depends_on": "", 
    "fieldname": "permissions", 
    "fieldtype": "Table", 
    "hidden": 0, 
@@ -180,6 +193,7 @@
    "search_index": 0
   }, 
   {
+   "depends_on": "eval:!doc.istable", 
    "fieldname": "sb3", 
    "fieldtype": "Section Break", 
    "permlevel": 0
@@ -307,17 +321,6 @@
    "fieldtype": "Data", 
    "label": "Default Print Format", 
    "permlevel": 0
-  }, 
-  {
-   "fieldname": "description", 
-   "fieldtype": "Small Text", 
-   "hidden": 0, 
-   "label": "Description", 
-   "oldfieldname": "description", 
-   "oldfieldtype": "Text", 
-   "permlevel": 0, 
-   "reqd": 0, 
-   "search_index": 0
   }
  ], 
  "hide_heading": 0, 
@@ -326,7 +329,7 @@
  "idx": 1, 
  "issingle": 0, 
  "istable": 0, 
- "modified": "2014-04-24 15:55:05.094304", 
+ "modified": "2014-05-01 05:27:22.582492", 
  "modified_by": "Administrator", 
  "module": "Core", 
  "name": "DocType", 
diff --git a/frappe/core/doctype/doctype/doctype.py b/frappe/core/doctype/doctype/doctype.py
index 93e0e3e858..d8177e5b33 100644
--- a/frappe/core/doctype/doctype/doctype.py
+++ b/frappe/core/doctype/doctype/doctype.py
@@ -22,8 +22,13 @@ class DocType(Document):
 		self.scrub_field_names()
 		self.validate_title_field()
 		validate_fields(self.get("fields"))
-		if not self.istable:
+
+		if self.istable:
+			# no permission records for child table
+			self.permissions = []
+		else:
 			validate_permissions(self)
+
 		self.make_amendable()
 		self.check_link_replacement_error()
 
@@ -217,7 +222,7 @@ def validate_fields(fields):
 	check_min_items_in_list(fields)
 
 def validate_permissions_for_doctype(doctype, for_remove=False):
-	validate_permissions(frappe.get_doc(doctype), for_remove)
+	validate_permissions(frappe.get_doc("DocType", doctype), for_remove)
 
 def validate_permissions(doctype, for_remove=False):
 	permissions = doctype.get("permissions")
diff --git a/frappe/core/doctype/user/user.js b/frappe/core/doctype/user/user.js
index 5decc85469..e4657ff7dc 100644
--- a/frappe/core/doctype/user/user.js
+++ b/frappe/core/doctype/user/user.js
@@ -224,7 +224,6 @@ frappe.RoleEditor = Class.extend({
 					+ '<th style="text-align: left">' + __('Document Type') + '</th>'
 					+ '<th>' + __('Level') + '</th>'
 					+ '<th>' + __('Read') + '</th>'
-					+ '<th>' + __('Only Restricted Documents') + '</th>'
 					+ '<th>' + __('Write') + '</th>'
 					+ '<th>' + __('Create') + '</th>'
 					+ '<th>' + __('Delete') + '</th>'
@@ -236,7 +235,8 @@ frappe.RoleEditor = Class.extend({
 					// + '<th>' + __('Export') + '</th>'
 					// + '<th>' + __('Print') + '</th>'
 					// + '<th>' + __('Email') + '</th>'
-					+ '<th>' + __('Can Restrict') + '</th>'
+					+ '<th>' + __('Only Restricted Documents') + '</th>'
+					+ '<th>' + __('Can Restrict Others') + '</th>'
 					+ '</tr></thead><tbody></tbody></table>');
 
 				for(var i=0, l=r.message.length; i<l; i++) {
@@ -257,7 +257,6 @@ frappe.RoleEditor = Class.extend({
 						<td style="text-align: left">%(parent)s</td>\
 						<td>%(permlevel)s</td>\
 						<td>%(read)s</td>\
-						<td>%(restricted)s</td>\
 						<td>%(write)s</td>\
 						<td>%(create)s</td>\
 						<td>%(delete)s</td>\
@@ -269,7 +268,8 @@ frappe.RoleEditor = Class.extend({
 						// <td>%(export)s</td>\
 						// <td>%(print)s</td>\
 						// <td>%(email)s</td>'
-						+ '<td>%(restrict)s</td>\
+						+ '<td>%(restricted)s</td>\
+						<td>%(restrict)s</td>\
 						</tr>', perm))
 				}
 
diff --git a/frappe/core/page/permission_manager/permission_manager.js b/frappe/core/page/permission_manager/permission_manager.js
index e5f613d46d..4e274c5ed1 100644
--- a/frappe/core/page/permission_manager/permission_manager.js
+++ b/frappe/core/page/permission_manager/permission_manager.js
@@ -109,7 +109,7 @@ frappe.PermissionEngine = Class.extend({
 					$.each(me.rights, function(i, r) {
 						if(d[r]===1) {
 							if(r==="restrict") {
-								d.rights.push(__("Can Restrict"));
+								d.rights.push(__("Can Restrict Others"));
 							} else if(r==="restricted") {
 								d.rights.push(__("Only Restricted Documents"));
 							} else {
@@ -227,7 +227,7 @@ frappe.PermissionEngine = Class.extend({
 
 			$.each(me.rights, function(i, r) {
 				if(r==="restrict") {
-					add_check(perm_container, d, "restrict", "Can Restrict");
+					add_check(perm_container, d, "restrict", "Can Restrict Others");
 				} else if(r==="restricted") {
 					add_check(perm_container, d, "restricted", "Only Restricted Documents");
 				} else {
@@ -239,8 +239,8 @@ frappe.PermissionEngine = Class.extend({
 			me.add_delete_button(row, d);
 		});
 	},
-	rights: ["read", "restricted", "write", "create", "delete", "submit", "cancel", "amend",
-		"report", "import", "export", "print", "email", "restrict"],
+	rights: ["read", "write", "create", "delete", "submit", "cancel", "amend",
+		"report", "import", "export", "print", "email", "restricted", "restrict"],
 
 	set_show_users: function(cell, role) {
 		cell.html("<a href='#'>"+role+"</a>")
@@ -390,7 +390,7 @@ var permissions_help = ['<table class="table table-bordered" style="background-c
 		':</h4>',
 		'<ol>',
 			'<li>',
-				__('Permissions are set on Roles and Document Types (called DocTypes) by setting rights like Read, Restricted, Write, Create, Delete, Submit, Cancel, Amend, Report, Import, Export, Print, Email and Can Restrict.'),
+				__('Permissions are set on Roles and Document Types (called DocTypes) by setting rights like Read, Write, Create, Delete, Submit, Cancel, Amend, Report, Import, Export, Print, Email, Only Restricted Documents and Can Restrict Others.'),
 			'</li>',
 			'<li>',
 				__('Permissions get applied on Users based on what Roles they are assigned.'),
@@ -472,7 +472,7 @@ var permissions_help = ['<table class="table table-bordered" style="background-c
 				__("Once you have set this, the users will only be able access documents where the link (e.g Company) exists."),
 			'</li>',
 			'<li>',
-				__("Apart from System Manager, roles with 'Can Restrict' permission can restrict other users for that Document Type."),
+				__("Apart from System Manager, roles with 'Can Restrict Others' permission can restrict other users for that Document Type."),
 			'</li>',
 		'</ol>',
 	'</td></tr>',