Inheritable credentials for directory file descriptors
In Unix-like systems, an open file descriptor carries the right to access the opened object in specific ways. As a general rule, that file descriptor does not enable access to any other objects. The recently merged BPF token feature runs counter to this practice by creating file descriptors that carry specific BPF-related access rights. A similar but different approach to capability-carrying file descriptors, in the form of directory file descriptors that include their own credentials, is currently under consideration in the kernel community.