Disallow setuid programs?
Do not allow set-user-identifier or set-group-identifier bits to take effect.

mount options: suid/nosuid
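
An added example, not part of the original help text: a shell function that reads a mount table in /proc/mounts format and lists the mount points where nosuid is not set, so set-user-identifier and set-group-identifier bits still take effect there. The function names and the sample table are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit a mount table for entries that lack the "nosuid" option.
# Input format (as in /proc/mounts): device mountpoint fstype options dump pass

# missing_nosuid: reads a mount table on stdin and prints, one per line,
# every mount point whose option list does not contain the token "nosuid".
missing_nosuid() {
    awk '
        $1 ~ /^#/ { next }                 # skip comment lines
        NF >= 4 {                          # blank or short lines are ignored
            n = split($4, opts, ",")
            found = 0
            for (i = 1; i <= n; i++)
                if (opts[i] == "nosuid")   # exact token, so "suid" never matches
                    found = 1
            if (!found)
                print $2
        }
    '
}

# sample_mounts: constructed mount table, not taken from a real system.
sample_mounts() {
    cat <<'EOF'
# device mountpoint fstype options dump pass
/dev/sda1 / ext4 rw,relatime 0 0
tmpfs /tmp tmpfs rw,nosuid,nodev 0 0
/dev/sda2 /home ext4 rw,relatime,suid 0 0
/dev/sdb1 /media/usb vfat rw,nosuid,nodev,noexec 0 0
tmpfs /dev/shm tmpfs rw,nodev 0 0
EOF
}

# Demonstration on the constructed table.
sample_mounts | missing_nosuid
```

On a Linux system, `missing_nosuid < /proc/mounts` audits the live mount table in the same way.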