2 files changed, 30 insertions, 8 deletions

diff --git a/usr.sbin/cron/cron/do_command.c b/usr.sbin/cron/cron/do_command.c
index 258e4a2b6e3c..1e6fe05502e3 100644
--- a/usr.sbin/cron/cron/do_command.c
+++ b/usr.sbin/cron/cron/do_command.c
@@ -245,12 +245,29 @@ child_process(e, u)
 			/* set our directory, uid and gid.  Set gid first,
 			 * since once we set uid, we've lost root privledges.
 			 */
-			setgid(e->gid);
+			if (setgid(e->gid) != 0) {
+				log_it(usernm, getpid(),
+				    "error", "setgid failed");
+				exit(ERROR_EXIT);
+			}
 # if defined(BSD)
-			initgroups(usernm, e->gid);
+			if (initgroups(usernm, e->gid) != 0) {
+				log_it(usernm, getpid(),
+				    "error", "initgroups failed");
+				exit(ERROR_EXIT);
+			}
 # endif
-			setlogin(usernm);
-			setuid(e->uid);		/* we aren't root after this..*/
+			if (setlogin(usernm) != 0) {
+				log_it(usernm, getpid(),
+				    "error", "setlogin failed");
+				exit(ERROR_EXIT);
+			}
+			if (setuid(e->uid) != 0) {
+				log_it(usernm, getpid(),
+				    "error", "setuid failed");
+				exit(ERROR_EXIT);
+			}
+			/* we aren't root after this..*/
 #if defined(LOGIN_CAP)
 		}
 		if (lc != NULL)
diff --git a/usr.sbin/cron/cron/popen.c b/usr.sbin/cron/cron/popen.c
index 806676da4429..06e8c1c75b3b 100644
--- a/usr.sbin/cron/cron/popen.c
+++ b/usr.sbin/cron/cron/popen.c
@@ -175,12 +175,17 @@ cron_popen(program, type, e)
 				/* set our directory, uid and gid.  Set gid first,
 				 * since once we set uid, we've lost root privledges.
 				 */
-				setgid(e->gid);
+				if (setgid(e->gid) != 0)
+					_exit(ERROR_EXIT);
 # if defined(BSD)
-				initgroups(usernm, e->gid);
+				if (initgroups(usernm, e->gid) != 0)
+					_exit(ERROR_EXIT);
 # endif
-				setlogin(usernm);
-				setuid(e->uid);         /* we aren't root after this..*/
+				if (setlogin(usernm) != 0)
+					_exit(ERROR_EXIT);
+				if (setuid(e->uid) != 0)
+					_exit(ERROR_EXIT);
+				/* we aren't root after this..*/
 #if defined(LOGIN_CAP)
 			}
 			if (lc != NULL)