How this works

When a program is executed, we check whether any capability sets are related to it (directly or inherited). If there are, we look for a set tagged with the correct uid or with the default flag. If both exist, we take the one tagged with the uid. If neither exists, the same check is done on the parent directory, and so on until a capability set is found. If none is found, the capability set will be empty.
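The lookup described above, modelled in Python as an added example (it is not code from the original page or from the system it describes). The table layout, the sample paths and uids, and the reading that a set attached to a directory is what files below it inherit are assumptions made for illustration.

```python
import posixpath

DEFAULT = "default"  # hypothetical marker for the set carrying the default flag

# Constructed sample table: path -> {uid or DEFAULT: capability names}.
CAP_TABLE = {
    "/usr/sbin": {0: {"CAP_NET_BIND_SERVICE", "CAP_SYS_TIME"}},
    "/usr/sbin/ntpd": {
        DEFAULT: {"CAP_SYS_TIME"},
        123: {"CAP_SYS_TIME", "CAP_NET_BIND_SERVICE"},
    },
    "/bin/ping": {DEFAULT: {"CAP_NET_RAW"}},
}


def resolve_caps(path, uid, table=CAP_TABLE):
    """Return (capability set, path the set came from, tag that matched).

    Order of checks at each level: the uid-tagged set wins over the default
    set; if neither exists, move to the parent directory. Reaching the root
    without a match yields the empty set, so the lookup fails closed.
    """
    current = posixpath.normpath(path)
    while True:
        entries = table.get(current, {})
        if uid in entries:          # set tagged with the caller's uid
            return frozenset(entries[uid]), current, uid
        if DEFAULT in entries:      # fall back to the default-flagged set
            return frozenset(entries[DEFAULT]), current, DEFAULT
        parent = posixpath.dirname(current)
        if parent == current:       # already at "/": nothing found anywhere
            return frozenset(), None, None
        current = parent


if __name__ == "__main__":
    for target, uid in [("/usr/sbin/ntpd", 123), ("/usr/sbin/ntpd", 1000),
                        ("/usr/sbin/tcpdump", 0), ("/usr/sbin/tcpdump", 1000),
                        ("/bin/ls", 0)]:
        caps, source, tag = resolve_caps(target, uid)
        print(f"{target} uid={uid}: {sorted(caps)} (from {source}, tag {tag})")
```

Under this model a program with no matching set anywhere on its path gets an empty set even when run by uid 0, and a uid-tagged set on a directory does not apply to other uids unless a default set exists at that level or above.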

Biondi Philippe 2000-12-15