Hubert Touvet made an excellent spot where permissions were not being applied correctly to the root directory of a share in some cases. For example, if you had
[/dev/hda1]/:andy:RWEBX
And I (andy) tried to touch /somefilethatdoesntexist, I would be unable to. All the permissions were propogating correctly, they were just not being applied to the root directory on files that did not exist already.