Linux 4.5-rc5: efivarfs fixed to avoid “rm -rf /” bricking UEFI

It seems to me that the real issue is that "rm -rf" should by default not recurse into mounted filesystems, but should at most try to unmount them.

In addition to clearing EFI variables, the current behavior will also attempt to clear any mounted removable drives and any mounted network drives, which is usually even more harmful than messing with EFI.

Of course that would be a backwards incompatible change, although I don't think many scripts rely on this behavior.

To be fair "rm -rf /" doesn't just work. You have to confirm that you really do want to delete everything. Destroying / in itself is pretty harmful. If you're planning to do that you should already know not to have anything you want to keep mounted.

For the few use cases where a system admin wants to "rm -rf /", there are hundreds of bad scripts that can screw up a system. I believe Solaris did the right thing and made it not work.

https://www.youtube.com/watch?v=l6XQUciI-Sc&t=81m

To be clear, the problem described in the video is not something that can happen. "rm -rf $1/$2" where $1 and $2 aren't defined (therefore making it "rm -rf /") will not run. If you really want to destroy your root directory you have to specify the --no-preserve-root flag. No more accidents from scripts that assume things poorly, but it will still do exactly what the user asks. 

Yet, I can still delete my home directory by accident (e.g. Steam patch). The idea that any rm can kill the directory I'm in is just bad. A flag on rm is the wrong solution. It should just fail.

So you're saying they should remove the -r option entirely from rm?