Linux

Sure it can. Unprivileged programs can't open ports below 1024, but they can sure use them once they have them. If apache had the programming for it, it could open the port as root, then switch to an unprivileged user and continue to use the network socket. There's a few pitfalls in this however -- your logfiles may end up owned by root and give you 'permission denied' when apache tries to log anything, etc. This and other reasons may be why apache doesn't.

Therefore, you cannot run a process as an unprivileged user and make it listen on ports below 1024.

BTW, lighttpd drops the privileges after opening the socket. But, as Corona688 said, you have to set the right permissions to it's log files.

I choose to give up finding solution to this problem.
Hope this issue be addressed at the kernel level in the future.

That's not too likely given there's already user-level(if apache would just implement it) and firewall-level solutions.

I'm not following you.

Apache starts as a priv user but all subsequent Apache processes have UIDs based on the conf file as mentioned by scottn here.

Apache works fine as is... so I am not sure what "if apache would just implement it" means....

The best solution for you problem is using suPHP
Visit: _http://www.suphp.org/Home.html

If your ask is how to allow a user to start/stop the webserver without having root / sudo access you can achieve this by having a C program perform the stop/start/restart. The C program would have to be root owned with a suid bit set. To mitigate risk of anyone stopping/starting the webserver you could perform a check within the program to ensure that the uid / guid executing the code is the only user / group authorized.

Mike