diff --git a/core/modules/system/system.admin.inc b/core/modules/system/system.admin.inc
index d08c4ce..ba9643d 100644
--- a/core/modules/system/system.admin.inc
+++ b/core/modules/system/system.admin.inc
@@ -1722,15 +1722,20 @@ function system_clear_page_cache_submit($form, &$form_state) {
  *
  * @ingroup forms
  * @see system_settings_form()
+ * @see system_file_system_settings_validate()
+ * @see system_file_system_settings_submit()
  */
 function system_file_system_settings() {
+  $form = array(
+    '#validate' => array('system_file_system_settings_validate'),
+    '#submit' => array('system_file_system_settings_submit'),
+  );
   $form['file_public_path'] = array(
     '#type' => 'textfield',
     '#title' => t('Public file system path'),
     '#default_value' => variable_get('file_public_path', conf_path() . '/files'),
     '#maxlength' => 255,
     '#description' => t('A local file system path where public files will be stored. This directory must exist and be writable by Drupal. This directory must be relative to the Drupal installation directory and be accessible over the web.'),
-    '#after_build' => array('system_check_directory'),
   );
 
   $form['file_private_path'] = array(
@@ -1739,7 +1744,6 @@ function system_file_system_settings() {
     '#default_value' => variable_get('file_private_path', ''),
     '#maxlength' => 255,
     '#description' => t('An existing local file system path for storing private files. It should be writable by Drupal and not accessible over the web. See the online handbook for <a href="@handbook">more information about securing private files</a>.', array('@handbook' => 'http://drupal.org/documentation/modules/file')),
-    '#after_build' => array('system_check_directory'),
   );
 
   $form['file_temporary_path'] = array(
@@ -1748,7 +1752,6 @@ function system_file_system_settings() {
     '#default_value' => variable_get('file_temporary_path', file_directory_temp()),
     '#maxlength' => 255,
     '#description' => t('A local file system path where temporary files will be stored. This directory should not be accessible over the web.'),
-    '#after_build' => array('system_check_directory'),
   );
   // Any visible, writeable wrapper can potentially be used for the files
   // directory, including a remote file system that integrates with a CDN.
@@ -1770,6 +1773,36 @@ function system_file_system_settings() {
 }
 
 /**
+ * Validate system_file_system_settings forms.
+ *
+ * @see system_file_system_settings_submit().
+ */
+function system_file_system_settings_validate($form, &$form_state) {
+  $resolved_public_path = realpath($form['file_public_path']['#value']);
+  $resolved_private_path = realpath($form['file_private_path']['#value']);
+  $resolved_temporary_path = realpath($form['file_temporary_path']['#value']);
+
+  if ($resolved_public_path == $resolved_private_path) {
+    form_set_error('file_private_path', t('The private file system path must not be the same as the public file system path.'));
+  }
+
+  if ($resolved_public_path == $resolved_temporary_path) {
+    form_set_error('file_temporary_path', t('The temporary directory must not be the same as the public file system path.'));
+  }
+}
+
+/**
+ * Verify public, private, and temporary paths exist, or can be created.
+ *
+ * @see system_file_system_settings_validate()
+ */
+function system_file_system_settings_submit($form, &$form_state) {
+  system_check_directory($form['file_public_path'], FALSE);
+  system_check_directory($form['file_private_path'], TRUE);
+  system_check_directory($form['file_temporary_path'], TRUE);
+}
+
+/**
  * Form builder; Configure site image toolkit usage.
  *
  * @ingroup forms
diff --git a/core/modules/system/system.module b/core/modules/system/system.module
index 950fee6..c4fca0f 100644
--- a/core/modules/system/system.module
+++ b/core/modules/system/system.module
@@ -2664,8 +2664,11 @@ function system_admin_menu_block($item) {
  *
  * @param $form_element
  *   The form element containing the name of the directory to check.
+ * @param boolean $private
+ *   (optional) If $private is TRUE, create an .htaccess file configured for
+ *   secure access in the directory specified by $form_element.
  */
-function system_check_directory($form_element) {
+function system_check_directory($form_element, $private = TRUE) {
   $directory = $form_element['#value'];
   if (strlen($directory) == 0) {
     return $form_element;
@@ -2683,14 +2686,7 @@ function system_check_directory($form_element) {
     watchdog('file system', 'The directory %directory exists but is not writable and could not be made writable.', array('%directory' => $directory), WATCHDOG_ERROR);
   }
   elseif (is_dir($directory)) {
-    if ($form_element['#name'] == 'file_public_path') {
-      // Create public .htaccess file.
-      file_save_htaccess($directory, FALSE);
-    }
-    else {
-      // Create private .htaccess file.
-      file_save_htaccess($directory);
-    }
+    file_save_htaccess($directory, $private);
   }
 
   return $form_element;
