diff --git a/Running-docker-container-with-non-root-user.md b/Running-docker-container-with-non-root-user.md
index 62ed401..e7d4237 100644
--- a/Running-docker-container-with-non-root-user.md
+++ b/Running-docker-container-with-non-root-user.md
@@ -26,4 +26,10 @@ docker run -d \
   vaultwarden/server:latest
 ```
 
-Notice that the port mapping (`-p 80:1024`) reflects the `ROCKET_PORT` setting. 
\ No newline at end of file
+Notice that the port mapping (`-p 80:1024`) reflects the `ROCKET_PORT` setting. 
+
+Another way may be CAP_NET_BIND_SERVICE, which allows to bind to ports below 1024 as non-root user.
+
+    cap_add:
+      - CAP_NET_BIND_SERVICE
+    user: nobody