diff --git a/app/controllers/files_controller.rb b/app/controllers/files_controller.rb
index 6ba5c11..3bc1e14 100644
--- a/app/controllers/files_controller.rb
+++ b/app/controllers/files_controller.rb
@@ -42,7 +42,11 @@ class FilesController < ApplicationController
 
   def create
     container = (params[:version_id].blank? ? @project : @project.versions.find_by_id(params[:version_id]))
-    attachments = Attachment.attach_files(container, params[:attachments])
+
+    attachments_params = params[:attachments]
+    attachments_params.each{|_,v| v.merge!('private' => true)} if params[:private].to_i == 1
+
+    attachments = Attachment.attach_files(container, attachments_params)
     render_attachment_warning_if_needed(container)
 
     if !attachments.empty? && !attachments[:files].blank? && Setting.notified_events.include?('file_added')
diff --git a/app/views/attachments/_form.html.erb b/app/views/attachments/_form.html.erb
index 65ad880..965e6f7 100644
--- a/app/views/attachments/_form.html.erb
+++ b/app/views/attachments/_form.html.erb
@@ -24,6 +24,12 @@
         :description_placeholder => l(:label_optional_description)
       } %>
 (<%= l(:label_max_size) %>: <%= number_to_human_size(Setting.attachment_max_size.to_i.kilobytes) %>)
+
+<% if controller_name == 'files' && User.current.allowed_to?(:manage_private_files, @project) %>
+  <br />
+  <%= label_tag :private %>
+  <%= check_box_tag :private %>
+<% end %>
 </span>
 
 <% content_for :header_tags do %>
diff --git a/app/views/files/index.html.erb b/app/views/files/index.html.erb
index c164cc0..72ae810 100644
--- a/app/views/files/index.html.erb
+++ b/app/views/files/index.html.erb
@@ -13,6 +13,7 @@
     <%= sort_header_tag('size', :caption => l(:field_filesize), :default_order => 'desc') %>
     <%= sort_header_tag('downloads', :caption => l(:label_downloads_abbr), :default_order => 'desc') %>
     <th>MD5</th>
+    <th><%= l(:field_type) %></th>
     <th></th>
   </tr></thead>
   <tbody>
@@ -26,17 +27,19 @@
   </tr>
   <% end -%>
   <% container.attachments.each do |file| %>
-  <tr class="file <%= cycle("odd", "even") %>">
-    <td class="filename"><%= link_to_attachment file, :download => true, :title => file.description %></td>
-    <td class="created_on"><%= format_time(file.created_on) %></td>
-    <td class="filesize"><%= number_to_human_size(file.filesize) %></td>
-    <td class="downloads"><%= file.downloads %></td>
-    <td class="digest"><%= file.digest %></td>
-    <td class="buttons">
-    <%= link_to(image_tag('delete.png'), attachment_path(file),
-                                         :data => {:confirm => l(:text_are_you_sure)}, :method => :delete) if delete_allowed %>
-    </td>
-  </tr>
+    <% next if file.is_private && !User.current.allowed_to?(:view_private_files, @project) %>
+    <tr class="file <%= cycle("odd", "even") %>">
+      <td class="filename"><%= link_to_attachment file, :download => true, :title => file.description %></td>
+      <td class="created_on"><%= format_time(file.created_on) %></td>
+      <td class="filesize"><%= number_to_human_size(file.filesize) %></td>
+      <td class="downloads"><%= file.downloads %></td>
+      <td class="digest"><%= file.digest %></td>
+      <td><%= file.is_private ? l('field_is_private') : l('field_is_public') %></td>
+      <td class="buttons">
+      <%= link_to(image_tag('delete.png'), attachment_path(file),
+                                           :data => {:confirm => l(:text_are_you_sure)}, :method => :delete) if delete_allowed %>
+      </td>
+    </tr>
   <% end
   reset_cycle %>
 <% end %>
diff --git a/config/locales/en.yml b/config/locales/en.yml
index f215bfd..af0b411 100644
--- a/config/locales/en.yml
+++ b/config/locales/en.yml
@@ -449,7 +449,9 @@ en:
   permission_edit_documents: Edit documents
   permission_delete_documents: Delete documents
   permission_manage_files: Manage files
+  permission_manage_private_files: Manage private files
   permission_view_files: View files
+  permission_view_private_files: View private files
   permission_manage_wiki: Manage wiki
   permission_rename_wiki_pages: Rename wiki pages
   permission_delete_wiki_pages: Delete wiki pages
diff --git a/config/locales/pl.yml b/config/locales/pl.yml
index a833cb8..88af157 100644
--- a/config/locales/pl.yml
+++ b/config/locales/pl.yml
@@ -695,6 +695,7 @@ pl:
   permission_manage_boards: Zarządzanie forami
   permission_manage_categories: Zarządzanie kategoriami zagadnień
   permission_manage_files: Zarządzanie plikami
+  permission_manage_private_files: Zarządzanie plikami prywatnymi
   permission_manage_issue_relations: Zarządzanie powiązaniami zagadnień
   permission_manage_members: Zarządzanie uczestnikami
   permission_manage_news: Zarządzanie komunikatami
@@ -711,6 +712,7 @@ pl:
   permission_view_changesets: Podgląd zmian
   permission_view_documents: Podgląd dokumentów
   permission_view_files: Podgląd plików
+  permission_view_private_files: Podgląd plików prywatnych
   permission_view_gantt: Podgląd diagramu Gantta
   permission_view_issue_watchers: Podgląd listy obserwatorów
   permission_view_messages: Podgląd wiadomości
@@ -971,7 +973,7 @@ pl:
   field_issues_visibility: Issues visibility
   label_issues_visibility_all: All issues
   permission_set_own_issues_private: Set own issues public or private
-  field_is_private: Private
+  field_is_private: Prywatny
   permission_set_issues_private: Set issues public or private
   label_issues_visibility_public: All non private issues
   text_issues_destroy_descendants_confirmation: This will also delete %{count} subtask(s).
diff --git a/lib/plugins/acts_as_attachable/lib/acts_as_attachable.rb b/lib/plugins/acts_as_attachable/lib/acts_as_attachable.rb
index ae7e605..49c6cda 100644
--- a/lib/plugins/acts_as_attachable/lib/acts_as_attachable.rb
+++ b/lib/plugins/acts_as_attachable/lib/acts_as_attachable.rb
@@ -79,15 +79,19 @@ module Redmine
           if attachments.is_a?(Array)
             attachments.each do |attachment|
               next unless attachment.is_a?(Hash)
-              a = nil
               if file = attachment['file']
                 next unless file.size > 0
-                a = Attachment.create(:file => file, :author => author)
+                Attachment.create do |a|
+                  a.file = file
+                  a.author = author
+                  a.is_private = true if attachment['private'] == true
+                end
               elsif token = attachment['token']
                 a = Attachment.find_by_token(token)
                 next unless a
                 a.filename = attachment['filename'] unless attachment['filename'].blank?
                 a.content_type = attachment['content_type']
+                a.is_private = true if attachment['private'] == true
               end
               next unless a
               a.description = attachment['description'].to_s.strip
diff --git a/lib/redmine.rb b/lib/redmine.rb
index 8d244e4..0687758 100644
--- a/lib/redmine.rb
+++ b/lib/redmine.rb
@@ -155,6 +155,8 @@ Redmine::AccessControl.map do |map|
   map.project_module :files do |map|
     map.permission :manage_files, {:files => [:new, :create], :attachments => :upload}, :require => :loggedin
     map.permission :view_files, {:files => :index, :versions => :download}, :read => true
+    map.permission :manage_private_files, {:files => [:new, :create], :attachments => :upload}, :public => false, :require => :member
+    map.permission :view_private_files, {:files => [:index, :versions => :download]}, :public => false, :require => :member, :read => true
   end
 
   map.project_module :wiki do |map|