These patches allow an administrator to delegate privilege for some protected network resources to non-root users. They are generally used to run untrusted or insecure applications as an unprivileged process, thereby mitigating some undiscovered denial of service or root compromise. The ACLs currently cover protected ports, raw sockets, and packet sockets.