POSIX file capabilities: Parceling the power of root

Monday, December 24 2007 @ 03:55 AM EST

Contributed by: sde

Linux® has used capabilities for years, but has only recently acquired POSIX file capabilities. File capabilities split the root user's powers into smaller privileges, such as the ability to read any file or to trace processes owned by another user. By attaching capabilities to a file, you can let an unprivileged user execute that file with just those specified privileges rather than with full root power. In this article, learn how to program with capabilities and how to make your system's setuid-root binaries use file capabilities instead.

Some programs need to perform privileged operations on behalf of an unprivileged user. For instance, the passwd program writes to the very sensitive /etc/passwd and /etc/shadow files. On UNIX® systems, you achieve this by setting the setuid bit on the binary file. This bit tells the system that while the program is running, regardless of who executed it, it should be treated as belonging to the user who owns the file, typically the root user. Because the passwd binary cannot be written to by an ordinary user, and is very constrained in what it allows that user to do, this setup is usually safe; the cost is that any bug in a setuid-root program hands an attacker full root privilege, not just the one operation the program needed. More complicated programs use the saved set-user-ID to switch back and forth between root and the non-root user as needed.
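As an added example (not code from the article or from libcap), the following C program shows the capability-programming side of the summary above: it reads the calling process's effective, permitted and inheritable sets and then discards everything except one capability, which is the pattern a service that only needs to bind a low port would follow instead of running as full root. It talks to the kernel through the raw capget(2)/capset(2) system calls so it builds without libcap; the names read_caps, restrict_caps and has_cap are this example's own, and the choice of CAP_NET_BIND_SERVICE as the capability to keep is an assumption for illustration. It is Linux-only.

```c
/* cap_restrict.c: inspect and restrict the calling process's capability sets
 * using raw capget(2)/capset(2).  Added example; not part of the article.
 * Build: cc -Wall -o cap_restrict cap_restrict.c  (Linux only, no libcap) */
#define _GNU_SOURCE
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/syscall.h>
#include <unistd.h>
#include <linux/capability.h>

/* The v3 capability ABI carries each set as two 32-bit words. */
#define CAP_WORDS _LINUX_CAPABILITY_U32S_3

/* The three per-thread sets, each packed into one 64-bit mask (bit n == CAP_n). */
struct capsets {
    uint64_t effective;
    uint64_t permitted;
    uint64_t inheritable;
};

/* Fill *out with the calling thread's capability sets.  Returns 0 or -1 (errno set). */
static int read_caps(struct capsets *out)
{
    struct __user_cap_header_struct hdr = { _LINUX_CAPABILITY_VERSION_3, 0 }; /* pid 0 = self */
    struct __user_cap_data_struct data[CAP_WORDS];

    if (syscall(SYS_capget, &hdr, data) != 0)
        return -1;
    out->effective   = (uint64_t)data[1].effective   << 32 | data[0].effective;
    out->permitted   = (uint64_t)data[1].permitted   << 32 | data[0].permitted;
    out->inheritable = (uint64_t)data[1].inheritable << 32 | data[0].inheritable;
    return 0;
}

/* Keep only the capabilities in `keep`, dropping every other one from all
 * three sets.  Dropping is always allowed by the kernel's capset rules (the new
 * sets are subsets of the old ones), so this works whether we started as root,
 * as a file-capability-bearing binary, or with no capabilities at all. */
static int restrict_caps(uint64_t keep)
{
    struct capsets cur;
    if (read_caps(&cur) != 0)
        return -1;

    uint64_t eff  = cur.effective   & keep;
    uint64_t perm = cur.permitted   & keep;
    uint64_t inh  = cur.inheritable & keep;

    struct __user_cap_header_struct hdr = { _LINUX_CAPABILITY_VERSION_3, 0 };
    struct __user_cap_data_struct data[CAP_WORDS];
    memset(data, 0, sizeof data);
    data[0].effective   = (uint32_t)eff;  data[1].effective   = (uint32_t)(eff  >> 32);
    data[0].permitted   = (uint32_t)perm; data[1].permitted   = (uint32_t)(perm >> 32);
    data[0].inheritable = (uint32_t)inh;  data[1].inheritable = (uint32_t)(inh  >> 32);

    return syscall(SYS_capset, &hdr, data) == 0 ? 0 : -1;
}

/* True if capability number `cap` is present in the packed set `set`. */
static int has_cap(uint64_t set, int cap)
{
    return (int)((set >> cap) & 1);
}

static void print_sets(const char *label, const struct capsets *c)
{
    printf("%s: effective=%#llx permitted=%#llx inheritable=%#llx\n", label,
           (unsigned long long)c->effective, (unsigned long long)c->permitted,
           (unsigned long long)c->inheritable);
}

int main(void)
{
    struct capsets before, after;
    if (read_caps(&before) != 0) { perror("capget"); return 1; }
    print_sets("before", &before);

    /* Assumed for this example: the only privilege we want to retain. */
    if (restrict_caps(1ULL << CAP_NET_BIND_SERVICE) != 0) { perror("capset"); return 1; }

    if (read_caps(&after) != 0) { perror("capget"); return 1; }
    print_sets("after", &after);
    printf("CAP_NET_BIND_SERVICE still permitted: %s\n",
           has_cap(after.permitted, CAP_NET_BIND_SERVICE) ? "yes" : "no");
    return 0;
}
```

Run as an ordinary user the "before" sets are already empty and the program simply confirms that nothing is left; run as root, or after attaching the capability to the binary with libcap's setcap tool (for instance `setcap cap_net_bind_service=ep ./cap_restrict`), the "after" line shows every bit cleared except bit 10, CAP_NET_BIND_SERVICE. The point is the contrast with a setuid-root binary: after restrict_caps, a bug in the rest of the program can at most bind a privileged port, not rewrite /etc/shadow.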





http://www.linuxlinks.com/portal/news/article.php?story=20071224035525524