Each Linux process has four sets of bitmaps. By Default each bitmap is 32 bit for 32 different capability.
The effective capability set indicates what capabilities are effective The Process can use now
The process can have capabilities set in the permitted set that are not in the effective set. This indicates that the process has temporarily disabled this capability. A process is allowed to set a bit in its effective set only if it is available in the permitted set. The distinction between effective and permitted makes it possible for a process to disable, enable and drop privileges
Indicates what capabilities of the current process should be inherited by the program executed by the current process
Determine forbidden capabilities
Allows set, the forced set, and the effective set