diff --git a/src/tools/miri/src/shims/unix/fs.rs b/src/tools/miri/src/shims/unix/fs.rs
index 8df54616b562..419157aac6d4 100644
--- a/src/tools/miri/src/shims/unix/fs.rs
+++ b/src/tools/miri/src/shims/unix/fs.rs
@@ -863,6 +863,12 @@ fn chmod(&mut self, path_op: &OpTy<'tcx>, mode_op: &OpTy<'tcx>) -> InterpResult<
         }
         let path = this.read_path_from_c_str(path_ptr)?;
 
+        // Reject if isolation is enabled.
+        if let IsolatedOp::Reject(reject_with) = this.machine.isolated_op {
+            this.reject_in_isolation("`chmod`", reject_with)?;
+            return this.set_last_error_and_return_i32(LibcError("EACCES"));
+        }
+
         let permissions = this.host_permissions_from_mode(mode.try_into().unwrap())?;
         if let Err(err) = fs::set_permissions(path, permissions) {
             return this.set_last_error_and_return_i32(IoError::HostError(err));
@@ -885,6 +891,12 @@ fn fchmod(&mut self, fd_op: &OpTy<'tcx>, mode_op: &OpTy<'tcx>) -> InterpResult<'
             throw_unsup_format!("`fchmod` is only supported on regular files")
         };
 
+        // Reject if isolation is enabled.
+        if let IsolatedOp::Reject(reject_with) = this.machine.isolated_op {
+            this.reject_in_isolation("`fchmod`", reject_with)?;
+            return this.set_last_error_and_return_i32(LibcError("EACCES"));
+        }
+
         let permissions = this.host_permissions_from_mode(mode.try_into().unwrap())?;
         if let Err(err) = file.file.set_permissions(permissions) {
             return this.set_last_error_and_return_i32(IoError::HostError(err));