authbind allows a system administrator to provide configuration which lets otherwise unprivileged users bind to ports 1 through 511. This leaves 512 through 1023 unavailable to users. The man page offers a somewhat cryptic explanation of this behavior, "Ports from 512 to 1023 inclusive cannot be used with authbind because that would create a security hole, in conjection with rshd." (in the BUGS section, no less). I suppose I believe that the potential for a security hole exists, but I don't really care. Why would I even use rsh if I were occupied with security? Besides, even if authbind were to allow ports 512 through 1023 to be bound by unprivileged users, this would not force system administrators to allow this. A site where rsh is in use can simply not enable this behavior.
Because authbind can't allow users to bind ports in this range, other possible security holes are opened up. Programs get run as root, ports get forwarded, etc. And there are lots of good reasons to allow users to bind ports in this range. 995 is just as important as 110, for example.
There seems to be no good reason for this restriction, but lots of good reasons to remote it. Wouldn't authbind be better if it were removed?
Agreed.