Hacker News new | past | comments | ask | show | jobs | submit login

you can't bind to port 80/443 without being root unless you have cap_net_bind_service. so instead of using nat/caps you just spawn as root to bind.



Right, but there's no reason for the parent process to keep root privileges after binding to the privileged ports.




Consider applying for YC's Fall 2025 batch! Applications are open till Aug 4

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: