After my install, /usr/bin was owned by user bin.
Non-root ownership of system directories + NFS == any other
system's root can become root.
NFS is a security hole in any case, so if you export your FS read-write you
are asking for trouble. Solution is to not export any FS you are concerned