
New proposed system group "scap" and setuid binary "dumpcalls"



Hi,

The wireshark source package soon starts shipping the Stratoshark
[1][2] system call analyzer, a new GUI that uses the dumpcalls [3]
helper program to monitor and collect local system calls.
The dumpcalls [3] binary either needs to be setuid or, hopefully, be
able to rely only on narrower Linux capabilities to collect
information from the system [4].

The "scap" group name comes from libscap's name and that comes from
System CAPture.
I think it is OK to use the abbreviated form, since the library name
is already reserved in Debian, while it is shipped in
libfalcosecurity0t64 for now. Upstream has already been using this
group name for some time in upstream-provided .debs.

The Debian Policy governs the process of adding new setuid binaries
[5], so I am hereby asking for approval of the binary and the group
name, or for feedback if changes are necessary.

Cheers,
Balint

PS: The dumpcalls binary has just been split [3] from falcodump [6] to
minimize the code running with elevated privileges.

[1] https://stratoshark.org/
[2] https://packages.debian.org/experimental/stratoshark
[3] https://gitlab.com/wireshark/wireshark/-/merge_requests/21618
[4] https://gitlab.com/wireshark/wireshark/-/blob/master/packaging/debian/stratoshark.postinst
[5] https://www.debian.org/doc/debian-policy/ch-files.html#permissions-and-owners
[6] https://manpages.debian.org/experimental/wireshark-common/falcodump.1.en.html
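As an added example (not part of this message or of the Wireshark/Debian packaging), a POSIX shell audit of the two layouts discussed above for a privileged helper: either no setuid bit, relying on file capabilities, or setuid with execution restricted to a dedicated group. The helper path and the group name "scap" are assumptions; nothing here sets permissions, it only reports them.

```shell
#!/bin/sh
# Audit a privileged helper (assumed: /usr/bin/dumpcalls, group "scap").
# Reports whether it is setuid, whether execution is limited to the
# dedicated group, and which file capabilities it carries otherwise.

# Octal permission bits of a file; GNU stat first, BSD stat as fallback.
file_mode() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%OLp' "$1"
}

# Group name owning the file.
file_group() {
    stat -c '%G' "$1" 2>/dev/null || stat -f '%Sg' "$1"
}

# Print "setuid" when the setuid bit (4 in the special digit) is set.
helper_privilege_kind() {
    mode=$(file_mode "$1")
    while [ "${#mode}" -lt 4 ]; do mode=0$mode; done   # pad "750" -> "0750"
    case "$mode" in
        *[4567]???) echo setuid ;;
        *) echo plain ;;
    esac
}

# Succeed when "other" has no execute bit (last octal digit is even).
not_world_executable() {
    case "$(file_mode "$1")" in
        *[02468]) return 0 ;;
        *) return 1 ;;
    esac
}

# audit_privileged_helper PATH GROUP
# Returns 0 when PATH is not setuid (expected to rely on capabilities)
# or is setuid with execution restricted to GROUP; 1 otherwise.
audit_privileged_helper() {
    path=$1; group=$2
    if [ "$(helper_privilege_kind "$path")" = plain ]; then
        caps=$(getcap "$path" 2>/dev/null || echo 'getcap unavailable')
        echo "$path: not setuid; file capabilities: ${caps:-none}"
        return 0
    fi
    if [ "$(file_group "$path")" = "$group" ] && not_world_executable "$path"; then
        echo "$path: setuid, execution restricted to group $group"
        return 0
    fi
    echo "$path: setuid but runnable outside group $group (mode $(file_mode "$path"))" >&2
    return 1
}
# Usage: audit_privileged_helper /usr/bin/dumpcalls scap
```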