[arch-general] Instructions to mount efivars as readonly should be linked to in Beginner's Guide

Kyle Terrien kyleterrien at gmail.com
Mon Feb 1 23:07:33 UTC 2016


Maarten de Vries wrote:
> On 1 February 2016 at 23:29, Leonid Isaev <leonid.isaev at jila.colorado.edu>
> wrote:
> 
>>
>> Also, how can you brick a machine by simply zeroing the harddrive?
>>
>>
> You can't (well, someone can probably think of a contrived situation where
> you could, there's always someone, but generally speaking). The problem is
> with removing certain UEFI variables in buggy UEFI implementations (which
> are all too common). But in this case (with buggy UEFI implementation) a
> simple rm -rf of the wrong directory can brick your motherboard.
> 
> -- Maarten

Interesting sidenote: In Android, all the system-level stuff is
segregated to /system, which is mounted as ro by default.  This is just
another layer of security.

--Kyle

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <https://lists.archlinux.org/pipermail/arch-general/attachments/20160201/fa999b1c/attachment.asc>


More information about the arch-general mailing list