On Thu, 13 Jul 2017 17:58:29 +0300 Andrew Savchenko wrote:
> On Thu, 13 Jul 2017 10:29:06 -0400 Mike Gilbert wrote:
> > On Thu, Jul 13, 2017 at 7:35 AM, M. J. Everitt <m.j.everitt@×××.org> wrote:
> > > On 13/07/17 12:09, Rich Freeman wrote:
> > >> Presumably you'd only want to remount it if it was mounted ro to
> > >> start, since it sounds like openrc will be diverging from systemd
> > >> behavior here.
> > >>
> > >> While it seems like a good idea I'm not sure how big an improvement it
> > >> is in the larger scheme. We're worried about root accidentally
> > >> modifying efivars, but we have no safeguards against root writing to
> > >> /dev/sda, and the latter seems much more likely to cause harm, and is
> > >> harder to fix.
> > >>
> > > In case you weren't aware, Rich, rewriting the efivars actually writes
> > > to the system BIOS, which renders the computer completely unbootable ..
> > > not quite the same as erasing the boot sector of your hard disk, where
> > > you simply plug in another device, and Off you go ...
> > >
> >
> > We are actually talking about protecting people who run something like
> > rm -rf /sys/firmware/efi/efivars/ as root.
> >
> > If you are dumb enough to do something like that, you almost deserve
> > to spend a couple hundred on a new motherboard.
>
> Or just rm -rf /
> [pedantic]
> of course with newer rm versions one needs to run:
> rm -rf --no-preserve-root /
> or
> rm -rf /* /.*
> [/pedantic]
>
> But in some scenarios this command is normal. E.g. user installs
> Gentoo from some live dvd/flash, makes some mistakes, understands
> that system is broken beyond repair and decides to start over again.
> If there is no need to recreate filesystem itself or partition
> layout, running rm -rf / as above is quite reasonable.
>
> When running this command user expects to kill the data, but not
> the hardware. That is my point. I can't call such action dumb.

One more example: remember the bumblebee install script bug[1]: due
to a typo the whole /usr was removed, the same may happen with /sys
one day.

If simple file removal results in dead hardware this is no go.

[1] https://github.com/MrMEEE/bumblebee-Old-and-abbandoned/issues/123

Best regards,
Andrew Savchenko
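
A pre-flight check for the wipe-and-start-over scenario discussed in this thread, as an added example that is not part of any message above: before a recursive delete, it lists every efivarfs mount that is writable and lies at, below or around the target path. The function name `rw_efivarfs_under`, the /proc/mounts-format input and the sample mount lines are assumptions constructed for illustration.

```shell
#!/bin/sh
# rw_efivarfs_under TARGET [MOUNTS_FILE]
# Prints the mount point of every read-write efivarfs that a recursive
# delete of TARGET would reach; returns 0 if any was found, 1 otherwise.
# MOUNTS_FILE uses the /proc/mounts layout: device mountpoint fstype options ...
rw_efivarfs_under() {
    target=${1%/}                  # "/sys/" -> "/sys", "/" -> ""
    mounts=${2:-/proc/mounts}
    awk -v t="$target" '
        $3 == "efivarfs" {
            mp = $2 "/"; tt = t "/"
            # keep mounts at or below the target, or containing the target
            if (index(mp, tt) != 1 && index(tt, mp) != 1) next
            n = split($4, opt, ",")
            for (i = 1; i <= n; i++)
                if (opt[i] == "rw") { print $2; hit = 1 }
        }
        END { exit (hit ? 0 : 1) }' "$mounts"
}

# Constructed sample: a live-media session with the new root on /mnt/gentoo
# and /sys bind-mounted into it, so efivarfs is visible inside the tree
# that is about to be wiped.
sample=$(mktemp)
cat > "$sample" <<'EOF'
sysfs /sys sysfs rw,nosuid,nodev,noexec,relatime 0 0
efivarfs /sys/firmware/efi/efivars efivarfs ro,nosuid,nodev,noexec,relatime 0 0
/dev/sda2 /mnt/gentoo ext4 rw,relatime 0 0
sysfs /mnt/gentoo/sys sysfs rw,nosuid,nodev,noexec,relatime 0 0
efivarfs /mnt/gentoo/sys/firmware/efi/efivars efivarfs rw,nosuid,nodev,noexec,relatime 0 0
EOF

if hits=$(rw_efivarfs_under /mnt/gentoo "$sample"); then
    echo "not wiping /mnt/gentoo, writable efivarfs mounted at: $hits" >&2
else
    echo "no writable efivarfs under /mnt/gentoo"
fi
rm -f "$sample"
```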