Description of problem: fstab-sync should put 'pamconsole', 'user', 'users' and possibly other mount options first. This is due to the fact that mount(1) needs to have e.g. 'exec' after e.g. 'user' because 'user' implies 'noexec'. See the manual page for mount(1) for details.

Version-Release number of selected component (if applicable): hal-0.4.0-3
'man fstab-sync' does not seem to mention explicitly how an order of options in, possibly, system administrator edited files translates on generated option lines in /etc/fstab; if such relationship indeed exists even if it should and should be clearly specified. I would also think that a default 'noexec' is vastly preferable in general to an 'exec' mount option and relaxing that should be left to a sysadmin of a given system. 'man fstab-sync' should also stress that changes need to be _appended_ to other options and explicitly explain how to achieve that effect.
Issue should be fixed in hal-0.4.0-4.

> 'man fstab-sync' does not seem to mention explicitly how an order of
> options in, possibly, system administrator edited files translates
> on generated option lines in /etc/fstab; if such relationship indeed
> exists even if it should and should be clearly specified.

By reviewing the source code for mount(1) in util-linux one will find that the only requirement on the order is that 'user', 'users', 'pamconsole' and 'defaults' need to come before others as they imply other options. Note that these four are, for all practical purposes, mutually exclusive so the ordering between them is not necessary to take into account. Also note that the syscall mount(2) doesn't use ordering as mount options are given as a union of bits.

> I would also think that a default 'noexec' is vastly preferable
> in general to an 'exec' mount option and relaxing that should be
> left to a sysadmin of a given system.

You will have to file another bug to discuss this in. I don't really see any attack scenario though; what prevents Mallory from copying a file to his home directory and chmod a+x it?
Because "Mallory's" home directory is ALSO mounted noexec.
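
The ordering rule discussed in this thread, as an added example that is not part of the original report or of hal/util-linux: a small Python model of left-to-right option processing that flags fstab option strings where an explicit flag is cancelled by a later implying option. 'user' and 'users' imply noexec,nosuid,nodev per mount(8); treating 'pamconsole' the same way is an assumption, and all function names are hypothetical.

```python
# Added illustration, not code from hal or util-linux.
# mount(8): 'user'/'users' imply noexec,nosuid,nodev unless overridden by
# *subsequent* options. 'pamconsole' is ASSUMED here to behave the same way.
NEGATE = {"exec": "noexec", "suid": "nosuid", "dev": "nodev"}
OPPOSITE = {**NEGATE, **{neg: pos for pos, neg in NEGATE.items()}}
IMPLIES = {
    "user": ("noexec", "nosuid", "nodev"),
    "users": ("noexec", "nosuid", "nodev"),
    "pamconsole": ("noexec", "nosuid", "nodev"),  # assumption
}
# Options the thread says must come before all others ('defaults' gets no
# flag effect in this model; it is only moved to the front).
FIRST = ("user", "users", "pamconsole", "defaults")

def _apply(state, opt):
    """Set or clear one of exec/suid/dev if opt names it; ignore anything else."""
    for pos, neg in NEGATE.items():
        if opt == pos:
            state[pos] = True
        elif opt == neg:
            state[pos] = False

def effective(options):
    """Flags that remain after reading the comma-separated list left to right."""
    state = {"exec": True, "suid": True, "dev": True}
    for opt in options.split(","):
        for implied in IMPLIES.get(opt, ()):
            _apply(state, implied)
        _apply(state, opt)
    return state

def overridden(options):
    """(explicit, later) pairs where a later implying option cancels explicit."""
    opts = options.split(",")
    return [(opt, later)
            for i, opt in enumerate(opts)
            for later in opts[i + 1:]
            if OPPOSITE.get(opt) in IMPLIES.get(later, ())]

def reorder(options):
    """Move the implying options to the front, keeping relative order."""
    opts = options.split(",")
    head = [o for o in opts if o in FIRST]
    return ",".join(head + [o for o in opts if o not in FIRST])

if __name__ == "__main__":
    for line in ("exec,rw,user", "user,exec,rw", "defaults,noexec"):  # constructed
        print(line, effective(line), overridden(line), reorder(line))
```
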