diff --git a/parser/parser_yacc.y b/parser/parser_yacc.y
index 7f5191e7f..80f23781a 100644
--- a/parser/parser_yacc.y
+++ b/parser/parser_yacc.y
@@ -879,11 +879,12 @@ opt_unsafe: { /* nothing */ $$ = 0; }
 
 rule:   opt_unsafe file_mode opt_subset_flag id_or_var opt_named_transition TOK_END_OF_RULE
 	{
-		int mode = $2 & ~ALL_AA_EXEC_UNSAFE;
+		int mode = $2;
 		if ($1) {
 			if (!($2 & AA_EXEC_BITS))
 				yyerror(_("unsafe rule missing exec permissions"));
-			mode |= (($2 & AA_EXEC_BITS) << 8) & ALL_AA_EXEC_UNSAFE;
+			mode = ($2 & ~ALL_AA_EXEC_UNSAFE) |
+				((($2 & AA_EXEC_BITS) << 8) & ALL_AA_EXEC_UNSAFE);
 		}
 
 		if ($3 && ($2 & ~AA_LINK_BITS))
diff --git a/parser/tst/simple_tests/xtrans/simple_bad_x_mods_first_34.sd b/parser/tst/simple_tests/xtrans/simple_bad_x_mods_first_34.sd
deleted file mode 100644
index 2ab50b030..000000000
--- a/parser/tst/simple_tests/xtrans/simple_bad_x_mods_first_34.sd
+++ /dev/null
@@ -1,16 +0,0 @@
-#
-#=DESCRIPTION test pix - in forward perms P and p are the same and the
-# unsafe keyword is required.  So these should conflict
-#=EXRESULT FAIL
-#
-/usr/bin/foo {
-  /bin/cat pix,
-  /bin/foo Pix,
-  /bin/bar pIx,
-  /bin/a   PIx,
-
-  pix /bin/cat,
-  Pix /bin/foo,
-  pIx /bin/bar,
-  PIx /bin/a,
-}
diff --git a/parser/tst/simple_tests/xtrans/simple_ok_pix_1.sd b/parser/tst/simple_tests/xtrans/simple_ok_pix_1.sd
index 4a4b9aea2..c8e6ab133 100644
--- a/parser/tst/simple_tests/xtrans/simple_ok_pix_1.sd
+++ b/parser/tst/simple_tests/xtrans/simple_ok_pix_1.sd
@@ -9,7 +9,7 @@
   /bin/a   PIx,
 
   unsafe pix /bin/cat,
-  pix /bin/foo,
+  Pix /bin/foo,
   unsafe pix /bin/bar,
-  pix /bin/a,
+  Pix /bin/a,
 }