diff --git a/plugins/encrypted_webinterface/root_action.py b/plugins/encrypted_webinterface/root_action.py
index 0a76370..1907c75 100755
--- a/plugins/encrypted_webinterface/root_action.py
+++ b/plugins/encrypted_webinterface/root_action.py
@@ -57,13 +57,21 @@ def run_stunnel(cert_file, src_port, dst_port, pid_file):
         return False
     ## the environment (especially PATH) should be clean, as 'stunnel' cares about
     ## this in a setuid situation
+    ## since stunnel v4.21 the libwrap library is used - this causes a hang,
+    ## if stdout and stderr are not redirected to /dev/null
+    ## see http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=482379
+    try:
+        devnull = open(os.devnull, "w")
+    except OSError, errmsg:
+        sys.stderr.write("Failed to open /dev/null: %s\n" % str(errmsg))
+        return False
     proc = subprocess.Popen(
         shell = False,
         env = {},
         stdin = subprocess.PIPE,
-        args = [ STUNNEL_BIN,
-            "-fd",
-            "0"])
+        stdout = devnull,
+        stderr = devnull,
+        args = [STUNNEL_BIN, "-fd", "0"])
     proc.stdin.write("setuid = %s\n" % username)
     proc.stdin.write("pid = %s\n" % pid_file)
     proc.stdin.write("[cryptobox-server]\n")