Ariadne Constas, a renowned developer known for her work on Audacious and her contributions to Alpine Linux, has introduced an alternative to the traditional sudo command. This new approach, called capsudo, is based on object-capability model to improve security. Unlike the monolithic SUID-binary of sudo, capsudo uses two components: a non-privileged client utility and a privileged daemon called capsudod, which communicate through a Unix socket. The permissions are defined by the access rights to this socket. For instance, to grant a user the right to reboot, an administrator creates a socket called reboot-capability, binds it to the reboot command, and sets the corresponding permissions. This approach reduces the attack surface and allows for fine-grained privilege separation. However, it requires running a separate daemon for each operation, which might be excessive for certain scenarios. The project offers a fresh perspective on access control, abandoning the complex configuration of sudo in favor of a file system and socket access rights.