In A UEFI World, "rm -rf /" Can Brick Your System

Written by Michael Larabel in Hardware on 1 February 2016 at 08:14 AM EST. 68 Comments
Running rm -rf / on any UEFI Linux distribution can potentially perma-brick your system.

As a public service announcement, recursively removing all of your files from / is no longer recommended. On UEFI distributions where EFI variables are by default exposed writable via /sys, this can now mean trashing your UEFI implementation.

There is this systemd bug report requesting that UEFI variables be mounted as read-only by default. Lennart Poettering had initially responded and simply said, "Well, there are tools that actually want to write it. We also expose /dev/sda accessible for root, even though it can be used to hose your system. The ability to hose a system is certainly reason enough to make sure it's well protected and only writable to root. But beyond that: root can do anything really." He then closed the ticket.

There have been many community comments since then, but systemd developers have stood their ground and will not be mounting the EFI variables as read-only, as they do write to the variables in some cases. Matthew Garrett, who is also often involved in the UEFI Linux situation, tweeted, "systemd is not responsible for allowing kernel code that I wrote to destroy your shitty firmware. I think you get to blame me instead." It's not a systemd-specific issue at all; it affects any distribution (or operating system, for that matter) that mounts EFI variables as anything other than read-only.


Should your system get bricked, you can always turn your computer into bottle openers... ;)

Matthew says that with about 20 lines of code on Windows you can cause the same havoc. He points out that mounting EFI variables as read-only could break some user-space applications and isn't the solution to the problem. He does have some ideas for addressing this issue, but hasn't elaborated or issued any new patches yet. For now, be forewarned: you probably don't want to rm -rf / your Linux system if using modern UEFI hardware.
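As an added check, not code from the article, systemd or the kernel developers quoted above, the POSIX shell script below reads a mount table in /proc/self/mounts format and reports whether efivarfs (the filesystem that exposes EFI variables under /sys/firmware/efi/efivars) is mounted writable, i.e. whether a recursive delete could reach the firmware's variables. The sample mount lines are constructed.

```shell
#!/bin/sh
# Added example, not from the article: report whether the EFI variable
# filesystem (efivarfs) is mounted writable, which is what lets an
# "rm -rf /" reach the firmware's variables. Input is /proc/self/mounts format.

# Constructed sample mount tables (not captured from a real machine).
SAMPLE_RW='sysfs /sys sysfs rw,nosuid,nodev,noexec,relatime 0 0
efivarfs /sys/firmware/efi/efivars efivarfs rw,nosuid,nodev,noexec,relatime 0 0
/dev/sda1 /boot/efi vfat rw,relatime,fmask=0077,dmask=0077 0 0'
SAMPLE_RO='efivarfs /sys/firmware/efi/efivars efivarfs ro,nosuid,nodev,noexec,relatime 0 0'
SAMPLE_BIOS='sysfs /sys sysfs rw,nosuid,nodev,noexec,relatime 0 0'

# efivarfs_mode: read mount lines on stdin; print "ro" if efivarfs is mounted
# read-only, "rw" if it is writable, "absent" if it is not mounted at all.
# Field 3 is the filesystem type and field 4 the comma-separated options.
efivarfs_mode() {
    awk '$3 == "efivarfs" {
             n = split($4, opts, ",")
             mode = "rw"
             for (i = 1; i <= n; i++) if (opts[i] == "ro") mode = "ro"
             print mode; found = 1; exit
         }
         END { if (!found) print "absent" }'
}

# efivarfs_verdict: one-line explanation for a mode returned by efivarfs_mode.
efivarfs_verdict() {
    case "$1" in
        rw)     echo "WRITABLE: unlinking under /sys/firmware/efi/efivars deletes firmware variables" ;;
        ro)     echo "read-only: variables cannot be deleted through the filesystem" ;;
        absent) echo "absent: efivarfs not mounted (legacy BIOS boot or module not loaded)" ;;
        *)      echo "unknown mode: $1"; return 1 ;;
    esac
}

# Check the live system when run on a Linux host.
if [ -r /proc/self/mounts ]; then
    live=$(efivarfs_mode < /proc/self/mounts)
    echo "this host: $(efivarfs_verdict "$live")"
    if [ "$live" = "rw" ]; then
        echo "to stop filesystem deletes reaching firmware: mount -o remount,ro /sys/firmware/efi/efivars"
    fi
fi
```

As the article notes, a read-only remount will break user-space tools that need to write EFI variables, so treat the verdict as a risk report rather than an automatic fix.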