On Thu, Jul 13, 2017 at 9:29 AM, Mike Gilbert <floppym@g.o> wrote:

> We are actually talking about protecting people who run something like
> rm -rf /sys/firmware/efi/efivars/ as root.
>
> If you are dumb enough to do something like that, you almost deserve
> to spend a couple hundred on a new motherboard.

While I can think of a few ways you can accidentally do this via
bindmounts and such, I think it's also worth mentioning that this
"bricking" only happens on a very very small number of systems with a
specific buggy UEFI implementation, the vast majority of UEFI hardware will
not be "bricked" by wiping efivars.

I'm still onboard with protecting users from this out of the box, but it's
not like without this change, we'll have gentoo boxes dropping dead all
over the place every week. We're protecting from something that requires
both a very specific firmware bug AND serious user error, to trigger.

-Ben