Bug#764066: fails download when running a stable kernel: PR_SET_NO_NEW_PRIVS failed with -1

[Helmut Grohne <helmut@subdivi.de>]

Package: apt
Version: 1.1~exp3
Severity: important

After updating apt to experimental in a chroot running on a stable
machine, download operations fail. Example output:

# apt-get source glibc
Reading package lists...
Building dependency tree...
Reading state information...
NOTICE: 'glibc' packaging is maintained in the 'Svn' version control system at:
svn://svn.debian.org/pkg-glibc/glibc-package/
Need to get 13.4 MB of source archives.
Err http://ftp2.de.debian.org/debian/ sid/main glibc 2.19-11 (dsc)
  PR_SET_NO_NEW_PRIVS failed with -1
Err http://ftp2.de.debian.org/debian/ sid/main glibc 2.19-11 (tar)
  Could not open file glibc_2.19.orig.tar.xz - open (13: Permission denied)
Err http://ftp2.de.debian.org/debian/ sid/main glibc 2.19-11 (diff)
  Could not open file glibc_2.19-11.debian.tar.xz - open (13: Permission denied)
E: Failed to fetch http://ftp2.de.debian.org/debian/pool/main/g/glibc/glibc_2.19-11.dsc  PR_SET_NO_NEW_PRIVS failed with -1

E: Failed to fetch http://ftp2.de.debian.org/debian/pool/main/g/glibc/glibc_2.19.orig.tar.xz  Could not open file glibc_2.19.orig.tar.xz - open (13: Permission denied)

E: Failed to fetch http://ftp2.de.debian.org/debian/pool/main/g/glibc/glibc_2.19-11.debian.tar.xz  Could not open file glibc_2.19-11.debian.tar.xz - open (13: Permission denied)

E: Failed to fetch some archives.
#

Apt should degrade gracefully to the unavailability of the
PR_SET_NO_NEW_PRIVS prctl on older kernels. After all this is "only" a
hardening measure.

Helmut