Steve Litt <slitt@???> writes:
> Rainer Weikusat <rainerweikusat@???> wrote:
>> There are really only two options:
>>
> [snip]
>>
>> 2. Mount r/w and expect people messing around with the fs as superuser
>> to know what they're doing.
>
> Chefs know what they're doing, but they still have fire extinguishers
> with which to put out any fires.

If there's a fire extinguisher in a kitchen then it's because the guy who
runs the establishment won't get insurance otherwise. On his own,
he'd very likely rather avoid the expense based on "it ain't gonna
happen" (and in case it does, he'll complain to the builder because "Why
did this have to be flammable? Didn't you realize this meant it will
burn?!? This is entirely your fault!!! I want my money back!!!!" even
if only because there's at least a slight chance that this might work).

Silly jokes about the analogy aside, I don't see why it would apply
here. The case in point was someone intentionally running rm -rf /
because he was convinced this would only damage stuff he wanted to
damage. This means he either didn't bother to check which filesystems
were actually mounted or wrongly assumed that deleting everything made
available by them would be harmless.

One could argue that exposing EFI variables in the filesystem in this
way is not a good idea but this would then apply to the code providing
this API and not the code which pretty much has to use it.