diff --git a/appl/rsh/rsh.c b/appl/rsh/rsh.c
index e687e3439..723e11477 100644
--- a/appl/rsh/rsh.c
+++ b/appl/rsh/rsh.c
@@ -812,12 +812,15 @@ main(int argc, char **argv)
     const char *local_user;
     char *host = NULL;
     int host_index = -1;
-    int status; 
+    int status;
+    uid_t uid;
 
     priv_port1 = priv_port2 = IPPORT_RESERVED-1;
     priv_socket1 = rresvport(&priv_port1);
     priv_socket2 = rresvport(&priv_port2);
-    setuid(getuid());
+    uid = getuid ();
+    if (setuid (uid) || (uid != 0 && setuid(0) == 0))
+	err (1, "setuid");
     
     set_progname (argv[0]);
 
diff --git a/appl/su/su.c b/appl/su/su.c
index 7210a6c60..29d7e1c8b 100644
--- a/appl/su/su.c
+++ b/appl/su/su.c
@@ -405,7 +405,8 @@ main(int argc, char **argv)
 	    err(1, "setgid");
 	if (initgroups (su_info->pw_name, su_info->pw_gid) < 0)
 	    err (1, "initgroups");
-	if(setuid(su_info->pw_uid) < 0)
+	if(setuid(su_info->pw_uid) < 0
+	   || (su_info->pw_uid != 0 && setuid(0) == 0))
 	    err(1, "setuid");
 
 #ifdef KRB5