diff -urp webform.ori/webform.inc webform/webform.inc
--- webform.ori/webform.inc 2008-04-03 05:39:27.000000000 +0200
+++ webform/webform.inc 2008-05-06 12:48:51.000000000 +0200
@@ -111,13 +111,18 @@ function _webform_submission_delete_subm
 * array header of the table.
 */
 function _webform_fetch_submissions($nid, $header = NULL) {
-
+ $where="";
+ global $user;
+ if (!user_access("access own webform submissions") && !user_access("view all submissions") && $user->uid!=1) return;
+ if (user_access("access own webform submissions") && !user_access("view all submissions") && $user->uid!=1)
+ $where=" and s.uid=".$user->uid;
+
 $query = 'SELECT s.*, sd.cid, sd.no, sd.data, u.name, u.mail, u.status '.
 'FROM {webform_submissions} s '.
 'LEFT JOIN {webform_submitted_data} sd ON sd.sid = s.sid '.
 'LEFT JOIN {users} u ON u.uid = s.uid '.
- 'WHERE sd.nid = %d';
-
+ 'WHERE sd.nid = %d'.
+ $where;
 if (is_array($header)) {
 $query .= tablesort_sql($header);
 }
diff -urp webform.ori/webform.module webform/webform.module
--- webform.ori/webform.module 2008-04-03 05:42:05.000000000 +0200
+++ webform/webform.module 2008-05-06 12:59:32.000000000 +0200
@@ -182,7 +182,7 @@ function webform_menu($may_cache) {
 * Implementation of hook_perm().
 */
 function webform_perm() {
- return array("create webforms", "edit own webforms", "edit webforms", "access webform results", "clear webform results", "access own webform submissions", "edit own webform submissions", "edit webform submissions", "use PHP for additional processing");
+ return array("create webforms", "edit own webforms", "edit webforms", "access webform results", "clear webform results", "access own webform submissions", "edit own webform submissions", "edit webform submissions", "use PHP for additional processing",'view all submissions');
 }
 /**
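Review bot: In `_webform_fetch_submissions` the new ownership filter is spliced into the SQL text with `$where=" and s.uid=".$user->uid;`, while the rest of the query binds its value through `%d`. Keep the value out of the string: use `$where = ' AND s.uid = %d';` and pass `$user->uid` as an extra argument where the query is executed (that call is outside the hunk), or at minimum cast it with `(int) $user->uid`. The filter also treats uid 0 as an owner, so if the anonymous role is ever granted "access own webform submissions", every anonymous visitor would receive all anonymous submissions; the same uid equality decides access in the webform_client_form and webform_submission_view hunks. The bare `return;` yields NULL, so if callers iterate the result (not visible here) `return array();` is safer, and the `$user->uid!=1` tests look redundant because user_access() already grants every permission to user 1.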
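Review bot: The permission added in `webform_perm`, `'view all submissions'`, does not name the module the way every other entry in the list does, and permission strings are shown and stored site-wide, so it can be mistaken for or collide with another module's permission. A name such as `'view all webform submissions'` would be unambiguous, provided the checks in the other hunks are changed to match. No upgrade step is visible in the patch, so roles that currently rely on "access webform results" to open a submission would presumably lose that access in webform_submission_view until an administrator grants the new permission; that deserves a line in the description.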
@@ -1224,7 +1224,7 @@ function webform_client_form(&$node, $su
 }
 // Set a header for navigating results.
- if ($submission && user_access('access webform results')) {
+ if (($submission && user_access('access webform results') && user_access('view all submissions'))||(user_access('access own webform submissions' ) && $submission->uid==$user->uid )) {
 // Add CSS to display submission info. Don't preprocess because this CSS file is used rarely.
 drupal_add_css(drupal_get_path('module', 'webform') .'/webform.css', 'module', 'all', FALSE);
@@ -1987,6 +1987,7 @@ function _webform_load_components($retur
 * Editable display of a webform submission.
 */
 function webform_submission_edit(&$node, $sid) {
+ global $user;
 include_once(drupal_get_path('module', 'webform') ."/webform.inc");
 $node->webformcomponents = _webform_components_decode($node->webformcomponents);
@@ -2015,7 +2016,7 @@ function webform_submission_view(&$node,
 $node->webformcomponents = _webform_components_decode($node->webformcomponents);
 $submission = _webform_fetch_submission($sid, $node->nid);
 if ($sid && is_numeric($sid)) {
- if (user_access("access webform results") || (user_access("access own webform submissions") && ($user->uid == $submission['uid']))) {
+ if (user_access("view all submissions") || (user_access("access own webform submissions") && ($user->uid == $submission['uid']))) {
 drupal_set_title(t('Submission #@sid', array('@sid' => $sid)));
 $node->body = "";
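Review bot: In the webform_client_form hunk, the second branch of the new condition, `user_access('access own webform submissions' ) && $submission->uid==$user->uid`, no longer requires `$submission` to be set, and it reads `$user` although no `global $user;` is visible for this function (its body starts outside the hunk; the patch adds that declaration only to webform_submission_edit). If either value is missing, both sides are NULL and the loose `==` is TRUE, so the results header would be rendered for anyone holding that permission even when there is no submission. webform_submission_view reads the owner as `$submission['uid']` while this line uses `$submission->uid`, so one of the two accessors is probably wrong for the type actually passed. Hoisting the existence check fixes the first problem: `if ($submission && ((user_access('access webform results') && user_access('view all submissions')) || (user_access('access own webform submissions') && $submission->uid == $user->uid))) {`, with `global $user;` declared in the function if it is not already.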