diff --git a/src/platform/nm-linux-platform.c b/src/platform/nm-linux-platform.c
index 60be56b28..28fd649cd 100644
--- a/src/platform/nm-linux-platform.c
+++ b/src/platform/nm-linux-platform.c
@@ -1462,6 +1462,12 @@ sysctl_set (NMPlatform *platform, const char *path, const char *value)
 	g_return_val_if_fail (path != NULL, FALSE);
 	g_return_val_if_fail (value != NULL, FALSE);
 
+	/* Don't write outside known locations */
+	g_assert (g_str_has_prefix (path, "/proc/sys/")
+	          || g_str_has_prefix (path, "/sys/"));
+	/* Don't write to suspicious locations */
+	g_assert (!strstr (path, "/.."));
+
 	fd = open (path, O_WRONLY | O_TRUNC);
 	if (fd == -1) {
 		if (errno == ENOENT) {
@@ -1555,6 +1561,12 @@ sysctl_get (NMPlatform *platform, const char *path)
 	GError *error = NULL;
 	char *contents;
 
+	/* Don't write outside known locations */
+	g_assert (g_str_has_prefix (path, "/proc/sys/")
+	          || g_str_has_prefix (path, "/sys/"));
+	/* Don't write to suspicious locations */
+	g_assert (!strstr (path, "/.."));
+
 	if (!g_file_get_contents (path, &contents, NULL, &error)) {
 		/* We assume FAILED means EOPNOTSUP */
 		if (   g_error_matches (error, G_FILE_ERROR, G_FILE_ERROR_NOENT)
diff --git a/src/platform/nm-platform.c b/src/platform/nm-platform.c
index 9ceab53ce..49ab6c016 100644
--- a/src/platform/nm-platform.c
+++ b/src/platform/nm-platform.c
@@ -255,12 +255,6 @@ nm_platform_sysctl_set (const char *path, const char *value)
 	g_return_val_if_fail (value, FALSE);
 	g_return_val_if_fail (klass->sysctl_set, FALSE);
 
-	/* Don't write outside known locations */
-	g_assert (g_str_has_prefix (path, "/proc/sys")
-			|| g_str_has_prefix (path, "/sys"));
-	/* Don't write to suspicious locations */
-	g_assert (!strstr (path, ".."));
-
 	return klass->sysctl_set (platform, path, value);
 }