pub fn set_keep_capabilities(enable: bool) -> Result<()>
Set the state of the calling thread’s keep capabilities flag.
keep capabilities
prctl(PR_SET_KEEPCAPS,…)