Version 2.2 of the Linux kernel has a capability system, so processes can have eg. CAP_MODULE, which allows insertion and removal of modules, without having to possess full root privelege. As designed, this capability system is currently unusable due to a lack of capability support in the vfs layer. However, with the aid of a kernel patch (included), it can be perverted to allow administrators to give user programs certain capabilities via. sudo. This is what whichcap aims to allow you to do.