Use CAP_NET_BIND_SERVICE to grant low-numbered port access to a process:
With this you can grant permanent access to a specific binary to bind to low-numbered ports via the setcap command:
For more details on the e/i/p part, see cap_from_text.
After doing this, /path/to/binary will be able to bind to low-numbered ports. Note that you must use setcap on the binary itself rather than a symlink.