On Thu, Jul 13, 2017 at 9:29 AM, Mike Gilbert wrote:
>
> We are actually talking about protecting people who run something like
> rm -rf /sys/firmware/efi/efivars/ as root.
>
> If you are dumb enough to do something like that, you almost deserve
> to spend a couple hundred on a new motherboard.
>

While I can think of a few ways you can accidentally do this via bindmounts and such, I think it's also worth mentioning that this "bricking" only happens on a very very small number of systems with a specific buggy UEFI implementation; the vast majority of UEFI hardware will not be "bricked" by wiping efivars.

I'm still on board with protecting users from this out of the box, but it's not like without this change, we'll have Gentoo boxes dropping dead all over the place every week. We're protecting from something that requires both a very specific firmware bug AND serious user error to trigger.

-Ben