init: Mount /dev without the noexec option

This partially reverts commit eb98d2ea110b "init: /dev can be noexec
and /run nodev".  The noexec option broke v86d (which we have a
specific workaround for), and could also be a problem for SGX support
in future.

Using noexec here doesn't provide a security benefit in a default
Debian configuration, since there are other writable directories on
filesystems not mounted with this option.  Those are also writable by
all users, not just uid 0.

The mount options can be overridden by an entry for /dev in /etc/fstab
(at least when booting with systemd).

References: https://lore.kernel.org/linux-sgx/20201209000321.GA62845@kernel.org/T/
Signed-off-by: Ben Hutchings <benh@debian.org>

0 files changed, 0 insertions, 0 deletions