Linux unprivileged user bind privileged ports
On transport protocols such as TCP, UDP, and SCTP, ports 1-1023 are by default privileged ports. To bind to a privileged port, a process must be running with root permissions. Ports that are greater than 1023 are by default non-privileged.
This is a problem when you want to run a Docker webserver image as an unprivileged user.
The best solution is to expose an unprivileged port instead of port 80. But this might break things when an image is already in use in a context that expects port 80.
To give an unprivileged process (for example varnishd) access to privileged ports you can use setcap.
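The setcap step as an added example (not from the original page): it grants the binary the cap_net_bind_service file capability, confirms it with getcap, and can check a running process by decoding the CapEff mask in /proc/<pid>/status. The function names and the /usr/sbin/varnishd path in the usage comment are assumptions for illustration.

```shell
#!/bin/sh
# Added example: grant and verify cap_net_bind_service for a single binary.
# Function names are hypothetical; run the grant step as root.

# CAP_NET_BIND_SERVICE is capability number 10 in linux/capability.h.
NET_BIND_BIT=10

# Return 0 if a hex capability mask (as printed in /proc/<pid>/status)
# has the CAP_NET_BIND_SERVICE bit set.
mask_has_net_bind() {
    [ $(( (0x$1 >> NET_BIND_BIT) & 1 )) -eq 1 ]
}

# Read /proc/<pid>/status text on stdin and print the effective mask.
capeff_from_status() {
    awk '$1 == "CapEff:" { print $2 }'
}

# Return 0 if the running process with this PID may bind ports below 1024
# through its effective capability set.
pid_can_bind_low_ports() {
    mask=$(capeff_from_status < "/proc/$1/status") || return 2
    [ -n "$mask" ] && mask_has_net_bind "$mask"
}

# Grant only the bind capability (e = effective, p = permitted) to a binary,
# then confirm that the file capability was actually stored.
grant_net_bind() {
    setcap 'cap_net_bind_service=+ep' "$1" &&
        getcap "$1" | grep -q cap_net_bind_service
}

# Usage (path is an assumption): sh grant.sh /usr/sbin/varnishd
if [ "$#" -ge 1 ]; then
    if grant_net_bind "$1"; then
        echo "cap_net_bind_service set on $1"
    else
        echo "could not set cap_net_bind_service on $1" >&2
        exit 1
    fi
fi
```

File capabilities are stored in an extended attribute on the binary, so they are lost when the file is replaced (for example by a package upgrade or an image rebuild step that copies it again) and must be reapplied.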