Hacker News new | past | comments | ask | show | jobs | submit login

you can't bind to port 80/443 without being root unless you have cap_net_bind_service. so instead of using nat/caps you just spawn as root to bind.



Right, but there's no reason for the parent process to keep root privileges after binding to the privileged ports.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: