Defending mounted filesystems from the root user
Posted Aug 22, 2023 4:41 UTC (Tue) by ebiggers (subscriber, #130760)
Parent article: Defending mounted filesystems from the root user
This article misses an important point, which is that the specific issue being discussed is writes to the block device's **page cache** while the filesystem is mounted. It's virtually impossible for filesystems to maintain memory safety in that case. Whereas it's possible (but difficult) for filesystems to maintain memory safety when their underlying storage changes.
It is helpful to not conflate these two cases. This makes it clear why it's useful to e.g. forbid writes to /dev/sda1 while still allowing /dev/sda. Even just forbidding buffered writes would solve this problem; O_DIRECT writes could still be allowed.
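The buffered-versus-O_DIRECT distinction drawn in the comment, as an added example that is not part of the comment or of any kernel code: a small policy check that parses a constructed `/proc/self/mountinfo` excerpt and refuses only buffered writes to a block device that is itself mounted, while whole-disk writes and O_DIRECT writes stay allowed. The mountinfo lines, the `write_policy` function and its "allow"/"deny" results are assumptions of this example.

```python
"""Decide whether a write to a block device should be refused because that
device currently holds a mounted filesystem.  Constructed example; the
policy mirrors the comment above, it is not what any kernel implements."""
import os
import stat

# Constructed /proc/self/mountinfo excerpt: /dev/sda1 (8:1) is mounted on /,
# /dev/sdb1 (8:17) on /data.  The whole disks /dev/sda and /dev/sdb are not.
MOUNTINFO_SAMPLE = """\
25 1 8:1 / / rw,relatime shared:1 - ext4 /dev/sda1 rw
40 25 8:17 / /data rw,relatime shared:2 - xfs /dev/sdb1 rw,noquota
"""


def mounted_devices(mountinfo_text):
    """Return {source_path: (major, minor)} for every mounted block device."""
    mounted = {}
    for line in mountinfo_text.splitlines():
        if not line.strip():
            continue
        # Fields before " - " are fixed; after it: fstype, source, superopts.
        pre, _, post = line.partition(" - ")
        major, minor = map(int, pre.split()[2].split(":"))
        source = post.split()[1]
        if source.startswith("/dev/"):  # skip tmpfs, proc, sysfs and friends
            mounted[source] = (major, minor)
    return mounted


def device_number(dev):
    """(major, minor) of `dev` via stat when it is a real block device, else None."""
    try:
        st = os.stat(dev)
    except OSError:
        return None
    if not stat.S_ISBLK(st.st_mode):
        return None
    return (os.major(st.st_rdev), os.minor(st.st_rdev))


def write_policy(dev, mounted, direct_io=False):
    """Return 'allow' or 'deny' for a write to block device `dev` (assumed API).

    Buffered writes land in the block device's page cache, which a mounted
    filesystem cannot defend against, so they are denied when `dev` itself is
    mounted (matched by path or by device number).  O_DIRECT writes bypass the
    page cache and only change the underlying storage, so they stay allowed,
    as does a write to /dev/sda when only /dev/sda1 is mounted.
    """
    is_mounted = dev in mounted or device_number(dev) in set(mounted.values())
    return "deny" if (is_mounted and not direct_io) else "allow"
```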
