I developed another sniffer and find myself executing testcase through sudo. While something bad not happen, I decided to look through capabilities functionality in Linux kernel. Very interesting things written in the manual:

man capabilities

My testcase started service in privileged port range and listened on loopback interface. In the …