diff --git a/crypto/Makefile.am.tpl b/crypto/Makefile.am.tpl
index 7688fb9..bb30aa2 100644
--- a/crypto/Makefile.am.tpl
+++ b/crypto/Makefile.am.tpl
@@ -78,6 +78,9 @@ if NO_ISSETUGID
 if HOST_LINUX
 libcompat_la_SOURCES += compat/issetugid_linux.c
 endif
+if HOST_WIN
+libcompat_la_SOURCES += compat/issetugid_win.c
+endif
 endif
 
 noinst_HEADERS = des/ncbc_enc.c
diff --git a/crypto/compat/issetugid_win.c b/crypto/compat/issetugid_win.c
new file mode 100644
index 0000000..7602a9b
--- /dev/null
+++ b/crypto/compat/issetugid_win.c
@@ -0,0 +1,21 @@
+/*
+ * issetugid implementation for Windows
+ * Public domain
+ */
+
+#include <unistd.h>
+
+/*
+ * Windows does not have a native setuid/setgid functionality.
+ * A user must enter credentials each time a process elevates its
+ * privileges.
+ *
+ * So, in theory, this could always return 0, given what I know currently.
+ * However, it makes sense to stub out initially in 'safe' mode until we
+ * understand more (and determine if any disabled functionality is actually
+ * useful on Windows anyway).
+ */
+int issetugid(void)
+{
+	return 1;
+}