diff --git a/mmdebstrap b/mmdebstrap
index 9cfa316..ae767f4 100755
--- a/mmdebstrap
+++ b/mmdebstrap
@@ -2251,10 +2251,21 @@ sub run_setup() {
         # root mode when the path of the chroot is not in a world-readable
         # location.
         my $partial = '/var/lib/apt/lists/partial';
-        if (
-            system('/usr/lib/apt/apt-helper', 'drop-privs', '--', 'test',
-                '-r', "$options->{root}$partial") != 0
-        ) {
+        my @testcmd = (
+            '/usr/lib/apt/apt-helper', 'drop-privs', '--', 'test',
+            '-r', "$options->{root}$partial"
+        );
+        my $pid = fork() // error "fork() failed: $!";
+        if ($pid == 0) {
+            open(STDOUT, '>', '/dev/null')
+              or error "cannot open /dev/null for writing: $!";
+            open(STDERR, '>', '/dev/null')
+              or error "cannot open /dev/null for writing: $!";
+            exec { $testcmd[0] } @testcmd
+              or error("cannot exec " . (join " ", @testcmd) . ": $!");
+        }
+        waitpid $pid, 0;
+        if ($? != 0) {
             warning "Download is performed unsandboxed as root as file"
               . " $options->{root}$partial couldn't be accessed by user _apt";
             open my $fh, '>>', $tmpfile