diff --git a/oss-internship-2020/curl/sandbox.h b/oss-internship-2020/curl/sandbox.h
index 4e12d35..e2fdb2f 100644
--- a/oss-internship-2020/curl/sandbox.h
+++ b/oss-internship-2020/curl/sandbox.h
@@ -41,9 +41,9 @@ class CurlSapiSandbox : public curl::CurlSandbox {
         .AllowRead()
         .AllowSafeFcntl()
         .AllowWrite()
+        .AllowAccess()
         .AllowSyscalls({
             __NR_accept,
-            __NR_access,
             __NR_bind,
             __NR_connect,
             __NR_getpeername,
diff --git a/sandboxed_api/sandbox2/policybuilder.cc b/sandboxed_api/sandbox2/policybuilder.cc
index 678677d..94dd3a6 100644
--- a/sandboxed_api/sandbox2/policybuilder.cc
+++ b/sandboxed_api/sandbox2/policybuilder.cc
@@ -269,6 +269,16 @@ PolicyBuilder& PolicyBuilder::AllowStat() {
   return *this;
 }
 
+PolicyBuilder& PolicyBuilder::AllowAccess() {
+#ifdef __NR_access
+  AllowSyscall(__NR_access);
+#endif
+#ifdef __NR_faccessat
+  AllowSyscall(__NR_faccessat);
+#endif
+  return *this;
+}
+
 PolicyBuilder& PolicyBuilder::AllowRead() {
   return AllowSyscalls({
       __NR_read,
diff --git a/sandboxed_api/sandbox2/policybuilder.h b/sandboxed_api/sandbox2/policybuilder.h
index 5a5fd97..c5155e5 100644
--- a/sandboxed_api/sandbox2/policybuilder.h
+++ b/sandboxed_api/sandbox2/policybuilder.h
@@ -181,6 +181,12 @@ class PolicyBuilder final {
   // - ustat
   PolicyBuilder& AllowStat();
 
+  // Appends code to allow checking file permissions.
+  // Allows these syscalls:
+  // - access
+  // - faccessat
+  PolicyBuilder& AllowAccess();
+
   // Appends code to the policy to allow reading from file descriptors.
   // Allows these sycalls:
   // - read