Re:old news (Score 1)

I'm accompanying this implementation with documentation and testing of file capabilities since more than a year. My impression is since the usage of capabilities is as simple as storing them in the file system and using the in-kernel infrastructure, there is wider interest in capabilities and more development in this field. Now you can control the power of programs and daemons/server, in a simple and intuitive way. You don't have to trust the program to decrease its capabilities. See here for examples http://www.friedhoff.org/posixfilecaps.html. And you can secure your system without a security infrastructure, of which quite a few people say they are to complicated to be securely applied. If you know people/systems that use capabilities to secure systems, let me know.