"Capabilities are鈥攁t least in theory鈥攁 nice idea: divide the privileges of root into small pieces so that a process can be granted just enough power to perform specific privileged tasks. "
"The key point from the beginning of this article is small pieces, and it's here that the Linux capabilities implementation has gone astray."
