Hi,

I've just released a system call interceptor system to freshmeat that uses LD_PRELOAD style wrappers to intercept and modify system calls. No root privileges or chroot needed.

I'm just finishing work now on a plugin for it that redirects system call writes and other file modifying events to a different directory offset. For example, now when you do:

    make DESTDIR="$pkgdir" install

You could do:

    pito redirect -d"$pkgdir" make install

There are some pretty large hacks and patches necessary in some PKGBUILDs to get packages to respect DESTDIR which would be no longer necessary if they utilised pito.

pito redirect also fakes the root user and captures operations like "chmod" and "chown", so:

    pito redirect -upacman -d"$pkgdir" make install

When run as root, it will run the "make install" as the user pacman, and then after the operation is finished will use its root privileges to chown files securely within $pkgdir as necessary.

I believe Arch currently runs install operations as root, so the above method would increase security as it would remove the ability for packages to write to the file system in any way other than to $pkgdir (any writes that could theoretically escape the sandbox would only be as a user with low privileges anyway).

There are also flags to allow writes to certain directories and to remove some basic needed default allowed writes, such as to /dev etc.

I hope this project will be of use! The website for pito is http://chilon.net/pito.

--
+44 (0) 7974 159 643 | james@chilon.net | http://chilon.net
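
Added example, not part of the original post and not pito's code: the path mapping an LD_PRELOAD write-redirector could apply before calling the real open(), written in C so that ".." sequences stay inside the destination directory and an allowlisted prefix such as /dev passes through unchanged. The names redirect_path, normalise and ALLOW are hypothetical; relative paths are rejected rather than resolved against the working directory, and symlinks are not followed.

```c
#include <stdio.h>
#include <string.h>
/* Added example with hypothetical names. Prefixes passed through unchanged
 * (assumed list; the post mentions /dev). */
static const char *const ALLOW[] = { "/dev" };

/* Lexically normalise an absolute path: drop "//" and ".", resolve ".."
 * without climbing above "/". Symlinks are NOT resolved here. */
static int normalise(const char *path, char *out, size_t cap) {
    size_t len = 0;
    if (path[0] != '/' || cap < 2) return -1;   /* relative paths rejected */
    while (*path) {
        while (*path == '/') path++;
        size_t n = strcspn(path, "/");
        if (n == 0) break;
        if (n == 2 && path[0] == '.' && path[1] == '.') {
            while (len > 0 && out[--len] != '/') { }  /* pop one component */
        } else if (!(n == 1 && path[0] == '.')) {
            if (len + n + 2 > cap) return -1;
            out[len++] = '/';
            memcpy(out + len, path, n);
            len += n;
        }
        path += n;
    }
    if (len == 0) out[len++] = '/';
    out[len] = '\0';
    return 0;
}

/* Rewrite `path` to live under `destdir` unless it is allowlisted.
 * Returns 0 and fills `out`, or -1 (relative path or buffer too small). */
int redirect_path(const char *destdir, const char *path, char *out, size_t cap) {
    char norm[4096];
    const char *prefix = destdir;
    if (normalise(path, norm, sizeof norm) != 0) return -1;
    for (size_t i = 0; i < sizeof ALLOW / sizeof ALLOW[0]; i++) {
        size_t n = strlen(ALLOW[i]);
        /* Whole components only: "/dev/null" matches, "/device" does not. */
        if (strncmp(norm, ALLOW[i], n) == 0 && (norm[n] == '/' || norm[n] == '\0'))
            prefix = "";
    }
    int w = snprintf(out, cap, "%s%s", prefix, norm);
    return (w >= 0 && (size_t)w < cap) ? 0 : -1;
}

int main(void) {
    char buf[256];   /* constructed sample path */
    if (redirect_path("/tmp/pkg", "/usr/lib/../../etc/passwd", buf, sizeof buf) == 0) puts(buf);
    return 0;
}
```

Interposition through LD_PRELOAD only sees calls made through the dynamically linked libc wrappers, so statically linked binaries and direct syscalls bypass a mapping like this.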