diff -up cronie-1.4.3/src/security.c.old cronie-1.4.3/src/security.c
--- cronie-1.4.3/src/security.c.old	2009-09-25 08:23:18.000000000 +0200
+++ cronie-1.4.3/src/security.c	2009-11-05 16:43:13.000000000 +0100
@@ -486,9 +486,37 @@ void free_security_context(security_cont
 
 int crontab_security_access(void) {
 #ifdef WITH_SELINUX
-	if (is_selinux_enabled() > 0)
-		if (selinux_check_passwd_access(PASSWD__CRONTAB) != 0)
-			return -1;
+	int selinux_check_passwd_access = -1;
+	if (is_selinux_enabled() > 0) {
+		security_context_t user_context;
+		if (getprevcon_raw(&user_context) == 0) {
+			security_class_t passwd_class;
+			struct av_decision avd;
+			int retval;
+
+			passwd_class = string_to_security_class("passwd");
+			if (passwd_class == 0) {
+				selinux_check_passwd_access = -1;
+				fprintf(stderr, "Security class \"passwd\" is not defined in the SELinux policy.\n");
+			}
+
+			retval = security_compute_av_raw(user_context,
+							user_context,
+							passwd_class,
+							PASSWD__CRONTAB,
+							&avd);
+
+			if ((retval == 0) && ((PASSWD__CRONTAB & avd.allowed) == PASSWD__CRONTAB)) {
+				selinux_check_passwd_access = 0;
+			}
+			freecon(user_context);
+		}
+
+		if (selinux_check_passwd_access != 0 && security_getenforce() == 0)
+			selinux_check_passwd_access = 0;
+
+		return selinux_check_passwd_access;
+	}
 #endif
 	return 0;
 }
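Review bot: When `string_to_security_class("passwd")` returns 0, the new code prints the error but still calls `security_compute_av_raw()` with that zero class, so the decision is computed against an undefined class and its outcome presumably depends on how the loaded policy treats unknown classes. Put the call and the `avd.allowed` test in an `else` branch of the `passwd_class == 0` check (`} else {` after the `fprintf`), which keeps `freecon(user_context)` on both paths and leaves the result at its fail-closed -1. The assignment inside that `if` is redundant, since the variable is already -1 at that point. Separately, the local `int selinux_check_passwd_access` reuses the name of the libselinux function that the removed lines called, and a name such as `access_rc` would avoid shadowing it. The `security_getenforce() == 0` line deserves a comment such as `/* permissive mode: a denial is deliberately overridden; an error return (-1) keeps the denial */`.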