From e045591845ab993d67a131f75a838e5993845de3 Mon Sep 17 00:00:00 2001
From: omnivagant <omni+vagant@hack.org>
Date: Thu, 27 Jan 2022 15:56:02 +0000
Subject: [PATCH] init.d/devfs: default mount /dev noexec

---
 init.d/devfs.in | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/init.d/devfs.in b/init.d/devfs.in
index ae55a1c3..0cc3ba03 100644
--- a/init.d/devfs.in
+++ b/init.d/devfs.in
@@ -24,8 +24,9 @@ mount_dev()
 	action=--mount
 	conf_d_dir="${RC_SERVICE%/*/*}/conf.d"
 	msg=Mounting
-	# Some devices require exec, Bug #92921
-	mountopts="exec,nosuid,mode=0755"
+	# Some devices require exec, https://bugs.gentoo.org/92921
+	# Users with such requirements can use an fstab entry for /dev
+	mountopts="noexec,nosuid,mode=0755"
 	if yesno ${skip_mount_dev:-no} ; then
 		einfo "/dev will not be mounted due to user request"
 		return 0