diff --git a/examples/non-root/main.go b/examples/setuid/main.go
similarity index 69%
rename from examples/non-root/main.go
rename to examples/setuid/main.go
index 352212734962d1fcd0b2fdeba3fcd87d25c6ca2d..4c05e5fb2e84d37eef637fd03625a78fb4c0ae50 100644
--- a/examples/non-root/main.go
+++ b/examples/setuid/main.go
@@ -1,10 +1,15 @@
 //go:build darwin || dragonfly || freebsd || linux || netbsd || openbsd || solaris
 // +build darwin dragonfly freebsd linux netbsd openbsd solaris
+// This is an example of binding soft-serve ssh port to a restricted port (<1024) and
+// then droping root privileges to a different user to run the server.
+// Make sure you run this as root.
+
 package main
 import (
 "context"
+ "flag"
 "fmt"
 "log"
 "net"
@@ -17,31 +22,29 @@ import (
 "github.com/charmbracelet/soft-serve/server"
 )
-const (
- port = 22
- gid = 1000
- uid = 1000
-)
-
 var (
- addr = fmt.Sprintf(":%d", port)
+ port = flag.Int("port", 22, "port to listen on")
+ gid = flag.Int("gid", 1000, "group id to run as")
+ uid = flag.Int("uid", 1000, "user id to run as")
 )
 func main() {
+ flag.Parse()
+ addr := fmt.Sprintf(":%d", *port)
 // To listen on port 22 we need root privileges
 ls, err := net.Listen("tcp", addr)
 if err != nil {
 log.Fatalf("Can't listen: %s", err)
 }
 // We don't need root privileges any more
- if err := syscall.Setgid(gid); err != nil {
+ if err := syscall.Setgid(*gid); err != nil {
 log.Fatalf("Setgid error: %s", err)
 }
- if err := syscall.Setuid(uid); err != nil {
+ if err := syscall.Setuid(*uid); err != nil {
 log.Fatalf("Setuid error: %s", err)
 }
 cfg := config.DefaultConfig()
- cfg.Port = port
+ cfg.Port = *port
 s := server.NewServer(cfg)
 done := make(chan os.Signal, 1)
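Review bot: The new header comment misspells `droping` (should be `dropping`) and tells the reader only to run the example as root, without saying which identity the server ends up with. Since this commit makes the port and the target user configurable, I would add a line such as `// Use -port, -uid and -gid to choose the listening port and the unprivileged user the server switches to (defaults: 22, 1000, 1000).` so that nobody assumes the process stays root or that uid 1000 exists on their host.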
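Review bot: The privilege drop after `net.Listen` still calls only `syscall.Setgid` and `syscall.Setuid`, so the server keeps the supplementary groups that root started with (often group 0 or an admin group) and is not fully unprivileged. Clearing them with `syscall.Setgroups` has to happen before `Setuid`, while the process is still root. Because `-uid` and `-gid` are now caller-supplied, `-uid 0` turns the drop into a silent no-op, so the values should be rejected when they are not positive. The context comment `// To listen on port 22 we need root privileges` is also stale now that the port is a flag. main's body continues past the end of the hunk.

```go
func main() {
	flag.Parse()
	// Refuse to "drop" to root: uid/gid 0 would leave the server fully privileged.
	if *uid <= 0 || *gid <= 0 {
		log.Fatalf("refusing to run as uid=%d gid=%d: choose an unprivileged user", *uid, *gid)
	}
	// … unchanged: build addr and net.Listen …
	// Clear root's supplementary groups first; this needs root, so it must precede Setuid.
	if err := syscall.Setgroups([]int{*gid}); err != nil {
		log.Fatalf("Setgroups error: %s", err)
	}
	// … unchanged: Setgid, Setuid, config and server setup …
```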