Change default for DISABLE_SETUID to false
In 8.9.9 we added the knob DISABLE_SETUID, with a default value of true. This sets the linux no-new-privs flag, which disables programs with the setuid-bit in a binary from changing their uid. It does not impact programs which have real uid 0 switching back and forth.
Unfortunately, this breaks condor_ssh_to_job if selinux is enabled. Until we can resolve this with a selinux policy, we will set the default to "false".
Note that was the original
Looks good to me.