On Sat, Aug 28, 2021 at 09:10:15AM +1000, NeilBrown wrote: > There are lots of different things root can do which will mess up the > kernel badly. The backing-store can still be changed through some other > means. > Do you have a particular threat or risk scenario other than "root might > get careless"? No, it is just that scenario. But one that is much easier to trigger than more convoluted ways for a root user to trigger damage through device files, and one that can't be prevented through LSMs or the capability system.