--- /home/weasel/tmp/debian-gpg/gnupg-1.2.5/g10/status.c	2004-07-21 09:59:45.000000000 +0200
+++ gnupg-1.2.5/g10/status.c	2004-08-01 20:07:42.071690680 +0200
@@ -346,6 +346,9 @@
 {
     char buf[100];
     struct shmid_ds shmds;
+#ifdef USE_CAPABILITIES
+    cap_t caps;
+#endif
 
 #ifndef IPC_RMID_DEFERRED_RELEASE
     atexit( remove_shmid );
@@ -371,7 +374,9 @@
 			    (unsigned)shm_size/1024, shm_area, shm_id );
     if( lock_mem ) {
 #ifdef USE_CAPABILITIES
-	cap_set_proc( cap_from_text("cap_ipc_lock+ep") );
+	caps = cap_from_text("cap_ipc_lock=ep");
+	cap_set_proc( caps );
+	cap_free( caps );
 #endif
 	/* (need the cast for Solaris with Sun's workshop compilers) */
 	if ( mlock ( (char*)shm_area, shm_size) )
@@ -380,7 +385,9 @@
 	else
 	    shm_is_locked = 1;
 #ifdef USE_CAPABILITIES
-	cap_set_proc( cap_from_text("cap_ipc_lock+p") );
+	caps = cap_from_text("cap_ipc_lock=p");
+	cap_set_proc( caps );
+	cap_free( caps );
 #endif
     }
 
@@ -407,7 +414,9 @@
 
     if( lock_mem ) {
 #ifdef USE_CAPABILITIES
-	cap_set_proc( cap_from_text("cap_ipc_lock+ep") );
+	caps = cap_from_text("cap_ipc_lock=ep");
+	cap_set_proc( caps );
+	cap_free( caps );
 #endif
 #ifdef IPC_HAVE_SHM_LOCK
 	if ( shmctl (shm_id, SHM_LOCK, 0) )
@@ -419,7 +428,9 @@
 	log_info("Locking shared memory %d failed: No way to do it\n", shm_id );
 #endif
 #ifdef USE_CAPABILITIES
-	cap_set_proc( cap_from_text("cap_ipc_lock+p") );
+	caps = cap_from_text("cap_ipc_lock=p");
+	cap_set_proc( caps );
+	cap_free( caps );
 #endif
     }
 
--- /home/weasel/tmp/debian-gpg/gnupg-1.2.5/util/secmem.c	2004-02-24 17:06:58.000000000 +0100
+++ gnupg-1.2.5/util/secmem.c	2004-08-01 20:08:10.873412378 +0200
@@ -97,12 +97,18 @@
 {
 #if defined(USE_CAPABILITIES) && defined(HAVE_MLOCK)
     int err;
+    cap_t caps;
+
+    caps = cap_from_text("cap_ipc_lock=ep");
+    cap_set_proc( caps );
+    cap_free( caps );
 
-    cap_set_proc( cap_from_text("cap_ipc_lock+ep") );
     err = mlock( p, n );
     if( err && errno )
 	err = errno;
-    cap_set_proc( cap_from_text("cap_ipc_lock+p") );
+    caps = cap_from_text("cap_ipc_lock=p");
+    cap_set_proc( caps );
+    cap_free( caps );
 
     if( err ) {
 	if( errno != EPERM
@@ -301,8 +307,12 @@
     if( !n ) {
 #ifndef __riscos__
 #ifdef USE_CAPABILITIES
+	cap_t caps;
+
 	/* drop all capabilities */
-	cap_set_proc( cap_from_text("all-eip") );
+	caps = cap_from_text("all-eip");
+	cap_set_proc( caps );
+	cap_free( caps );
 
 #elif !defined(HAVE_DOSISH_SYSTEM)
 	uid_t uid;