Both cdebootstrap and debootstrap uses plain tar to extract packages the first time. If one package (lib6) contains the symlink /lib64 -> /lib, another package (in this case libattr1) which includes files in /lib64, will be extracted into the host system and overwrite files there, as tar follows the symlinks. Bastian