It doesn't actually grant any ports, since the kernel decides this. This complicates the stack for no particular reason, and adds more complex recovery scenarios (this is what went wrong during the reboot during the GHOST update).
the uwsgi and node tools simply use the uid of the tool user as port, and this works well since one tool can have only one webservice. Let's get rid of portgranter and just use that instead. I verified that all our tools have uid in 5xxxx range, and should be good.