CAP_NET_BIND_SERVICE checking in inet_bind vs socket_bind

Why does inet_bind (instead of socket_bind) check that ports below 1024 require CAP_NET_BIND_SERVICE? Couldn't this check be moved to the dummy socket_bind so that the behaviour can be changed by a security module? --- diff --git a/net/ipv4/af_inet.c b/net/ipv4/af_inet.c index cf358c8..d75a2c5

CAP_NET_BIND_SERVICE checking in inet_bind vs socket_bind

Why does inet_bind (instead of socket_bind) check that ports below 1024 require CAP_NET_BIND_SERVICE? Couldn't this check be moved to the dummy socket_bind so that the behaviour can be changed by a security module? --- diff --git a/net/ipv4/af_inet.c b/net/ipv4/af_inet.c index cf358c8..d75a2c5