--- vixie-cron-4.1/crontab.c.crontab_selinux_new	2004-09-17 11:42:45.484765000 -0400
+++ vixie-cron-4.1/crontab.c	2004-09-17 11:35:53.078584000 -0400
@@ -33,35 +33,7 @@
 #include "cron.h"
 #ifdef WITH_SELINUX
 #include <selinux/selinux.h>
-#include <selinux/flask.h>
 #include <selinux/av_permissions.h>
-#include <selinux/context.h>
-
-static int checkAccess(int selaccess) {
-	int status=-1;
-	security_context_t user_context;
-	if (is_selinux_enabled() == 0) 
-		return 0;
-	if( getprevcon(&user_context)==0 ) {
-		struct av_decision avd;
-		int retval = security_compute_av(user_context,
-						 user_context,
-						 SECCLASS_PASSWD,
-						 selaccess,
-						 &avd);
-		
-		if ((retval == 0) && 
-		    ((selaccess & avd.allowed) == selaccess)) {
-			status=0;
-		}
-		freecon(user_context);
-	}
-	
-	if (status != 0 && security_getenforce()==0) 
-		status=0;
-	
-	return status;
-}
 #endif
 
 
@@ -192,10 +164,12 @@
 				exit(ERROR_EXIT);
 			}
 #ifdef WITH_SELINUX
-			if (checkAccess(PASSWD__ROOTOK)!=0) {
-				fprintf(stderr,
-					"Access denied by SELinux, must be privileged to use -u\n");
-				exit(ERROR_EXIT);
+			if (is_selinux_enabled() > 0) {
+				if (checkPasswdAccess(PASSWD__CRONTAB)!=0) {
+					fprintf(stderr,
+						"Access denied by SELinux, must be privileged to use -u\n");
+					exit(ERROR_EXIT);
+				}
 			}
 #endif
 			if (!(pw = getpwnam(optarg))) {