After my install, /usr/bin was owned by user bin. Non-root ownership of system directories + NFS == any other system's root can become root.
State Changed From-To: open->closed

NFS is a security hole in any case, so if you export your FS read-write you are asking for trouble. Solution is to not export any FS you are concerned about read-write.
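
An added example, not part of the original report: a check for the condition the report describes, files and directories under system paths that are owned by an account other than root. The function name `audit_owner` and the paths in the usage comment are assumptions.

```shell
#!/bin/sh
# Added example, not from the report. audit_owner is a hypothetical helper name.
# Prints every file or directory under the given paths whose owner is not
# EXPECTED_UID. On an NFS-exported tree, anything owned by a non-root account
# (such as bin) is writable by whoever holds that UID on a client machine.
audit_owner() {
    expected_uid=$1
    shift
    for root in "$@"; do
        # Skip paths that do not exist on this system.
        [ -e "$root" ] || continue
        # -xdev: stay on one file system; -user accepts a numeric UID
        # when no account has that number as its login name.
        find "$root" -xdev \( -type d -o -type f \) ! -user "$expected_uid" -print
    done
}

# Run as: sh audit_owner.sh /usr/bin /usr/sbin /bin /sbin
if [ "$#" -gt 0 ]; then
    audit_owner 0 "$@"
fi
```

Any path it prints is a candidate for `chown root` before the containing file system is exported read-write.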