`/dev` doesn't have the `noexec` mount option: https://github.com/moby/moby/blob/2613c3d53cee46d8e0dc8e1aba83686f259985e4/oci/defaults.go#L81 Being a _system_ `tmpfs` with `RW` rights, it'd be better to have no execution rights there.
/devdoesn't have thenoexecmount option:moby/oci/defaults.go
Line 81 in 2613c3d
Being a system
tmpfswithRWrights, it'd be better to have no execution rights there.