esxi: have the fuse process drop its privileges

once it's mounted it only needs to make http requests and talk to the
open fuse fd

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>

src/PVE/Storage/ESXiPlugin.pm

@@ -215,6 +215,8 @@ sub esxi_mount : prototype($$$;$) {
 	    exec {$ESXI_FUSE_TOOL}
 		$ESXI_FUSE_TOOL,
 		@extra_params,
+		'--change-user', 'nobody',
+		'--change-group', 'nogroup',
 		'-o', 'allow_other',
 		'--ready-fd', fileno($wr),
 		'--user', $user,