You spend a lot of time talking about how this isn't configured to protect the local system from the user of LPS, but I don't see that as the point. Anytime you boot a system from external media you can subvert that system (the only prevention being encryption and TPS-type features on the system itself).
The purpose of LPS is to be independent of anything in the local system, so that if there is malware on the local system it doesn't affect you.
For this sort of thing, simply not mounting the local system is good enough; you don't need to make it impossible to do so.
That being said, there is definitely room for improvement here: running as a non-root user by default, and using a security module (SELinux or other) to protect the system, would be big wins.
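The comment's point that a live session only needs to avoid mounting the host's disks (and would be better off not running as root) can be turned into a quick self-check. The script below is an added example, not code from the comment above or from the LPS project: it parses a mount table in `/proc/mounts` format, reports any mount whose source is an internal disk device, and checks whether the current user is unprivileged. The sample mount table is constructed for the example; the device-name patterns (`sd`, `nvme`, `vd`, `hd`) are an assumption about typical internal-disk naming on Linux.

```shell
#!/bin/sh
# Added example: sanity checks for a live-boot session.
# Not part of the original comment or of LPS itself.

# Constructed sample of /proc/mounts from a live session. The last line
# represents the situation the check is meant to catch: a partition of the
# host's internal disk mounted read-write.
SAMPLE_MOUNTS='rootfs / rootfs rw 0 0
/dev/sr0 /cdrom iso9660 ro 0 0
tmpfs /tmp tmpfs rw 0 0
/dev/sda1 /mnt/host ext4 rw 0 0'

# local_disk_mounts MOUNTS_TEXT
# Prints "<device> <mountpoint>" for each mount whose source device looks
# like an internal disk (assumed naming: /dev/sd*, /dev/nvme*, /dev/vd*,
# /dev/hd*). Optical media (/dev/sr*) and pseudo-filesystems are ignored.
local_disk_mounts() {
    printf '%s\n' "$1" | grep -E '^/dev/(sd|nvme|vd|hd)' | cut -d' ' -f1,2
}

# no_local_disks_mounted MOUNTS_TEXT
# Succeeds (exit 0) when no internal disk partition is mounted.
no_local_disks_mounted() {
    [ -z "$(local_disk_mounts "$1")" ]
}

# running_unprivileged
# Succeeds when the session is not running as uid 0.
running_unprivileged() {
    [ "$(id -u)" -ne 0 ]
}

# report MOUNTS_TEXT
# Human-readable summary of both checks.
report() {
    if no_local_disks_mounted "$1"; then
        echo "OK: no internal disk partitions are mounted"
    else
        echo "WARNING: internal disk partitions are mounted:"
        local_disk_mounts "$1" | sed 's/^/  /'
    fi
    if running_unprivileged; then
        echo "OK: running as an unprivileged user"
    else
        echo "WARNING: running as root"
    fi
}

# Demonstrate on the constructed sample, then on the real mount table
# when one is available.
report "$SAMPLE_MOUNTS"
if [ -r /proc/mounts ]; then
    report "$(cat /proc/mounts)"
fi
```

On a live session that behaves as the comment describes, the real mount table should produce the first "OK" line; the constructed sample deliberately produces the warning so the output shows what a violation looks like.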