Not needing root to administer Linux - the home of libcap
This site is devoted to announcing new versions of libcap (both C and Go implementations), and sharing information about using Linux Capabilities -- an alternative to the superuser model of privilege under Linux.
You can read about Linux Capabilities in this OLS paper.
Serge wrote a related article for Linux Journal.
You can download libcap(2) in the following ways:
Beyond Capability support, we provide a helper library for supporting POSIX semantics when libcap is used in threaded applications (linked against libpthread): libpsx.
This library can be used to support POSIX semantics for system calls not supported by the standard C libraries.
Some Go walk-through examples for manipulating privilege under Linux.
Feature requests and known issues are tracked here.
The Linux capability implementation is based on a defunct draft POSIX.1e specification for various UN*X security extensions