On systems where `mac_veriexec` is enforced, `init` should run its scripts in verified mode.
This relies on the `verify` shell option introduced by D30464. `init` will detect if the shell is `/bin/sh`, and in which case, add the `verify` option to the argument vector.
The `verify` option propagates to all files sourced by the shell, ensuring a better protection than if the script was tested against an `open(O_VERIFY)` before running it.
This security can be bypassed with the `kenv` which overloads the shell to use. However we feel confident that on systems running with `mac_veriexec`, this kenv will be blocked somehow.
Also, the verify option has no effect on systems where `mac_veriexec` is not loaded nor enforced.