From d823b09d9a68368459ad598d8bd8413a751950f2 Mon Sep 17 00:00:00 2001
From: Leah Neukirchen <leah@vuxu.org>
Date: Fri, 15 May 2020 20:37:06 +0200
Subject: explain how to run with CAP_NET_BIND_SERVICE

---
 FEATURES | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/FEATURES b/FEATURES
index c46a4e3..5524dd8 100644
--- a/FEATURES
+++ b/FEATURES
@@ -23,6 +23,11 @@ Anti features:
 - No config files
 - No CGI support
 - No SSL, use behind hitch or the like
+- No setuid, if you want to bind to a low port, use (on Linux)
+
+	capsh --keep=1 --user=www-data \
+	      --inh=cap_net_bind_service --addamb=cap_net_bind_service -- \
+	      -c '/usr/local/bin/hittpd /srv/http'
 
 Other nifty small webservers to look at:
 
-- 
cgit 1.4.1