Capability inheritance


Capabilities can be set to be inheritable on a per-capability basis. 

Capabilities can be set to be dropped at execve time

Requires that the application is capabilities-aware.