diff -up cronie-1.4.11/src/do_command.c.pff cronie-1.4.11/src/do_command.c
--- cronie-1.4.11/src/do_command.c.pff	2013-07-18 14:27:08.000000000 +0200
+++ cronie-1.4.11/src/do_command.c	2014-04-30 14:42:32.761953732 +0200
@@ -238,6 +238,12 @@ static int child_process(entry * e, char
 		 */
 		{
 			char *shell = env_get("SHELL", jobenv);
+			int fd, fdmax = getdtablesize();
+
+			/* close all unwanted open file descriptors */
+			for(fd = STDERR + 1; fd < fdmax; fd++) {
+				close(fd);
+			}
 
 #if DEBUGGING
 			if (DebugFlags & DTEST) {
diff -up cronie-1.4.11/src/popen.c.pff cronie-1.4.11/src/popen.c
--- cronie-1.4.11/src/popen.c.pff	2013-07-18 14:27:08.000000000 +0200
+++ cronie-1.4.11/src/popen.c	2014-04-30 14:43:42.177095194 +0200
@@ -69,6 +69,7 @@ FILE *cron_popen(char *program, const ch
 	ssize_t out;
 	char buf[PIPE_BUF];
 	struct sigaction sa;
+	int fd;
 
 #ifdef __GNUC__
 	(void) &iop;	/* Avoid fork clobbering */
@@ -121,6 +122,11 @@ FILE *cron_popen(char *program, const ch
 		sa.sa_handler = SIG_DFL;
 		sigaction(SIGPIPE, &sa, NULL);
 
+		/* close all unwanted open file descriptors */
+		for (fd = STDERR + 1; fd < fds; fd++) {
+			close(fd);
+		}
+
 		if (cron_change_user_permanently(pw, pw->pw_dir) != 0)
 			_exit(2);