Do you want the system to support setuid and setgid bits on executable files?
SETUID specifies that the system supports setuid() and setgid() mode bit on an executable file. SETUID is the default.
NOSETUID specifies that the system does not support the setuid() and setgid() mode bit on an executable file. NOSETUID means the user's UID or GID values remain unchanged when the program runs and the system ignores the APF and program controlled extended attributes. The entire zFS is uncontrolled.
Do you want security checks performed for these files? Check the box if you you want security checks to be performed (SECURITY). SECURITY is the default. If the box is not checked, security checks are not performed (NOSECURITY).