diff --git a/src/profile/views.py b/src/profile/views.py
index 3e41ef7..e375b3c 100644
--- a/src/profile/views.py
+++ b/src/profile/views.py
@@ -69,6 +69,9 @@ def profile_update(request, profileid):
 profile = get_object_or_404(Profile, pk=profileid)
+ if profile.user != request.user:
+ raise PermissionDenied("Permission denied : you don't have the permission to update this profile.")
+
 if request.method == "POST":
 form = ProfileForm(request.POST, instance=profile)
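Review bot: The ownership check added to `profile_update` runs after `get_object_or_404`, so a caller sees 404 for a missing profile and 403 for someone else's, which reveals which profile ids exist. If that distinction should not leak, fold the check into the lookup, `profile = get_object_or_404(Profile, pk=profileid, user=request.user)`, so both cases return 404. Either way, confirm the view is behind `login_required` (no decorator is visible in the hunk): the scoped lookup needs an authenticated user, and with the current check an anonymous request gets a 403 rather than a login redirect. The hunk also shows no import for `PermissionDenied` (`from django.core.exceptions import PermissionDenied`), and a regression test that posts to another user's profile id would pin this fix. The function body continues past the end of the hunk, so the form handling that follows was not reviewed.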