It is a collection of data-files (from a filesystem point of view at least). So nodev (no devices here), noexec (no executables either) and nosuid (definitly no suid executables) should be OK.
In fact everything but /dev should be save to get mounted nodev...
Matt, I never suggested mounting /proc readonly!
It is a collection of data-files (from a filesystem point of view at least). So nodev (no devices here), noexec (no executables either) and nosuid (definitly no suid executables) should be OK.
In fact everything but /dev should be save to get mounted nodev...