In some mail I received from Luke Mewburn, sie wrote
> 
> it's been discussed in various places before that the default
> installation user:group of `bin:bin' is not the best solution:
> 	* security holes do exist that "get any user but root access" 
> 
> i propose that the default is changed (in /usr/share/mk/bsd.own.mk)
> to root:wheel. this also results in:
> 	* default NFS mapping of client root -> uid -2 means that
> 	  unpriviliged client workstations can't modify root-owned
> 	  files.
> 
> comments / problems with this?

just for the sake of commenting more than anything else, why not root:bin ?