Re: binding to privileged Linux ports (<= 1024)


 



mc2718: There are reasons CAP_NET_BIND_SERVICE is not the default for normal users under Linux.

1) A lot of the ports at 1024 and under are used by items that run for a very long time, so they should be protected by running as independent users and preferably have a Linux Security Module configured over them.

If you need to be going near root or capabilities, it is a warning sign.

843 is one of the big question marks to me. Seriously, why? The only use of that I know of is this: http://www.adobe.com/devnet/flashplayer/articles/socket_policy_files.html It's a native Perl or Python script. Normally you use the Python. Now if something else is using that port, there could be big trouble.

Even port 80 is a question mark.





