Only do the whole Linux-capabilities dance when run as root (user-id 0).
This eliminates the error messages that would be displayed/logged when attempting the SYS_capset SYSCALL, which fails when not root. So the capabilities dance enabled with USE_LINUX_CAPS (which is automatically enabled when /usr/include/sys/capabilites.h exists, which is installed with the libcap2-dev package) apparently is still useful if you need to start sbbs as root: the main thread will remain as root even when the child threads have their user-id's changed to the user specified in the [UNIX] section of sbbs.ini or on the command-line - so reducing the enabled privilege set for this root/main thread to the minimum needed, is a good security measure. It does this reduction (call to linux_minprivs() after the call to change_user()) so I'm not exactly sure how that works, but according to Deuce, this is what's happening. :-/