Description
Lets selected non-root programs bind to privileged TCP ports from 0 to 1023. It is useful for running web or network services on standard ports without giving the whole process root privileges.
Permission rules must be narrow. Misconfiguration can let the wrong user or program impersonate trusted services on low ports, so review bindings and file permissions carefully.