diff --git a/lib/spack/spack/test/permissions.py b/lib/spack/spack/test/permissions.py
index fa83eb37ff3764faa84f4260e7abc839f1038a8e..26974c809600448804f7ab2ae5df0fc45b955e77 100644
--- a/lib/spack/spack/test/permissions.py
+++ b/lib/spack/spack/test/permissions.py
@@ -27,9 +27,29 @@ def test_chmod_real_entries_ignores_suid_sgid(tmpdir):
 
 def test_chmod_rejects_group_writable_suid(tmpdir):
     path = str(tmpdir.join('file').ensure())
-    mode = stat.S_ISUID | stat.S_ISGID | stat.S_ISVTX
+    mode = stat.S_ISUID
+    fs.chmod_x(path, mode)
+
+    perms = stat.S_IWGRP
+    with pytest.raises(InvalidPermissionsError):
+        set_permissions(path, perms)
+
+
+def test_chmod_rejects_world_writable_suid(tmpdir):
+    path = str(tmpdir.join('file').ensure())
+    mode = stat.S_ISUID
+    fs.chmod_x(path, mode)
+
+    perms = stat.S_IWOTH
+    with pytest.raises(InvalidPermissionsError):
+        set_permissions(path, perms)
+
+
+def test_chmod_rejects_world_writable_sgid(tmpdir):
+    path = str(tmpdir.join('file').ensure())
+    mode = stat.S_ISGID
     fs.chmod_x(path, mode)
 
-    perms = stat.S_IRWXU | stat.S_IRWXG | stat.S_IRWXO
+    perms = stat.S_IWOTH
     with pytest.raises(InvalidPermissionsError):
         set_permissions(path, perms)
diff --git a/lib/spack/spack/util/file_permissions.py b/lib/spack/spack/util/file_permissions.py
index d94b74f51e9b3962d067614b70a5bde00edaf2af..b133d2569e9f88117cd15923ead47051cbf61bc3 100644
--- a/lib/spack/spack/util/file_permissions.py
+++ b/lib/spack/spack/util/file_permissions.py
@@ -25,10 +25,19 @@ def set_permissions(path, perms, group=None):
     # Preserve higher-order bits of file permissions
     perms |= os.stat(path).st_mode & (st.S_ISUID | st.S_ISGID | st.S_ISVTX)
 
-    # Do not let users create world writable suid binaries
-    if perms & st.S_ISUID and perms & st.S_IWGRP:
-        raise InvalidPermissionsError(
-            "Attepting to set suid with world writable")
+    # Do not let users create world/group writable suid binaries
+    if perms & st.S_ISUID:
+        if perms & st.S_IWOTH:
+            raise InvalidPermissionsError(
+                "Attempting to set suid with world writable")
+        if perms & st.S_IWGRP:
+            raise InvalidPermissionsError(
+                "Attempting to set suid with group writable")
+    # Or world writable sgid binaries
+    if perms & st.S_ISGID:
+        if perms & st.S_IWOTH:
+            raise InvalidPermissionsError(
+                "Attempting to set sgid with world writable")
 
     fs.chmod_x(path, perms)