FUSE: Mount with -odev on Unix platform

This is needed to permit access to the device nodes added to /dev
on Linux when FUSE is used as root.

The Unix sandbox only works with all privileges,
so there's no explicit check for being root
or having the appropriate capabilities.

A check for whether it's running as root isn't needed on Linux with bubblewrap
because /dev or its devices are mounted on top of the FUSE layer,
so device nodes are accessed directly rather than through the FUSE layer.

The other platforms we're currently considering support for are OS X and WSL,
which notionally support the concepts of FUSE and mount options
(though WSL doesn't yet support FUSE)
so platforms providing FUSE options shouldn't be an inappropriate abstraction.