* Thomas Goirand: > Which would be the wrong way of doing things / wrong reason > for using root as running user, since you can set the > CAP_NET_BIND_SERVICE capability... (man capabilities ...) This allows to bind to all lower ports, which in some cases is equivalent to root privileges. A more fine-grained mechanism is needed.