[esbranson]

tracepath on Linux does not need the CAP_NET_RAW capability (or full root capabilities) during network data processing because it relies on the Linux socket error queue behavior. I assume traceroute on OpenBSD opens all required sockets and immediately drops privileges.