On a classical Unix system the user root (UID 0) has all the
Hence root can read all files and kill every process
If a program needs a special permission it must have the identity
For example a backup program only need read access to all files
By running as root he gains total control of the system and can kill
Capabilities are the partitionning of the root permissions/privilege
into a set of distinct privileges: ex: CAP_SYS_TIME: capability to set
Capabilities are listed in /usr/src/linux/include/linux/capability.h.