A user, Laloch, detailed this systemd bug report on GitHub requesting that UEFI variables be mounted as read-only by default.
To his query, Lennart Poettering said,
"Well, there are tools that actually want to write it.
We also expose /dev/sda accessible for root, even though it can be used to hose your system.
But beyond that: root can do anything really."
He then closed the ticket.
systemd is not responsible for allowing kernel code that I wrote to destroy your shitty firmware.
I think you get to blame me instead.
For now, you don't want to rm -rf / your Linux system if using modern UEFI hardware.
source: www.techworm.net