Only a part is immutable, but you can alter other files, which are mounted with write permissions. Kind of like NixOS works. Here, this is part of the output if I enter “mount” in termux
/dev/block/dm-7 on /system/lib64/netd_event_listener_interface-V1-cpp.so type ext4 (ro,relatime,seclabel,discard)
/dev/block/dm-7 on /system/lib64/oemnetd_aidl_interface-cpp.so type ext4 (ro,relatime,seclabel,discard)
/dev/block/dm-7 on /system/lib64/packagemanager_aidl-cpp.so type ext4 (ro,relatime,seclabel,discard)
/dev/block/dm-7 on /system/lib64/server_configurable_flags.so type ext4 (ro,relatime,seclabel,discard)
/dev/block/dm-7 on /system/lib64/service.incremental.so type ext4 (ro,relatime,seclabel,discard)
/dev/block/dm-7 on /system/lib64/shared-file-region-aidl-cpp.so type ext4 (ro,relatime,seclabel,discard)
/dev/block/dm-7 on /system/lib64/spatializer-aidl-cpp.so type ext4 (ro,relatime,seclabel,discard) /dev/block/dm-7 on /system/lib64/vendor.qti.hardware.display.config-V5-ndk.so type ext4 (ro,relatime,seclabel,discard)
tmpfs on /storage type tmpfs (rw,nosuid,nodev,noexec,relatime,seclabel,mode=755,gid=1000)
/dev/fuse on /storage/emulated type fuse (rw,nosuid,nodev,noexec,noatime,lazytime,user_id=0,group_id=0,allow_other)
/data/media on /storage/emulated/0/Android/data type sdcardfs (rw,nosuid,nodev,noexec,noatime,fsuid=1023,fsgid=1023,gid=1015,multiuser,mask=6,derive_gid,default_normal,unshared_obb)
/data/media on /storage/emulated/0/Android/obb type sdcardfs (rw,nosuid,nodev,noexec,noatime,fsuid=1023,fsgid=1023,gid=1015,multiuser,mask=6,derive_gid,default_normal,unshared_obb)
Look how the paths are mounted. /data/media has read/write permission, while other mount points not. I could probably mount /bin and /sbin read only and it wouldnt harm my system at all. It would probably only than changed, if I perform some update (Lets say rm has suddenly some critical bug). You can also read about A/B partituons on the Internet. This works a bit complexer under the hood, meaning creating a way to perform updates and so on.
Only a part is immutable, but you can alter other files, which are mounted with write permissions. Kind of like NixOS works. Here, this is part of the output if I enter “mount” in termux
/dev/block/dm-7 on /system/lib64/netd_event_listener_interface-V1-cpp.so type ext4 (ro,relatime,seclabel,discard) /dev/block/dm-7 on /system/lib64/oemnetd_aidl_interface-cpp.so type ext4 (ro,relatime,seclabel,discard) /dev/block/dm-7 on /system/lib64/packagemanager_aidl-cpp.so type ext4 (ro,relatime,seclabel,discard) /dev/block/dm-7 on /system/lib64/server_configurable_flags.so type ext4 (ro,relatime,seclabel,discard) /dev/block/dm-7 on /system/lib64/service.incremental.so type ext4 (ro,relatime,seclabel,discard) /dev/block/dm-7 on /system/lib64/shared-file-region-aidl-cpp.so type ext4 (ro,relatime,seclabel,discard) /dev/block/dm-7 on /system/lib64/spatializer-aidl-cpp.so type ext4 (ro,relatime,seclabel,discard) /dev/block/dm-7 on /system/lib64/vendor.qti.hardware.display.config-V5-ndk.so type ext4 (ro,relatime,seclabel,discard) tmpfs on /storage type tmpfs (rw,nosuid,nodev,noexec,relatime,seclabel,mode=755,gid=1000) /dev/fuse on /storage/emulated type fuse (rw,nosuid,nodev,noexec,noatime,lazytime,user_id=0,group_id=0,allow_other) /data/media on /storage/emulated/0/Android/data type sdcardfs (rw,nosuid,nodev,noexec,noatime,fsuid=1023,fsgid=1023,gid=1015,multiuser,mask=6,derive_gid,default_normal,unshared_obb) /data/media on /storage/emulated/0/Android/obb type sdcardfs (rw,nosuid,nodev,noexec,noatime,fsuid=1023,fsgid=1023,gid=1015,multiuser,mask=6,derive_gid,default_normal,unshared_obb)Look how the paths are mounted. /data/media has read/write permission, while other mount points not. I could probably mount /bin and /sbin read only and it wouldnt harm my system at all. It would probably only than changed, if I perform some update (Lets say rm has suddenly some critical bug). You can also read about A/B partituons on the Internet. This works a bit complexer under the hood, meaning creating a way to perform updates and so on.