Last i read you should be able to change the whole tx which was kinda problematic because of double spending.
Oh - I hadn't realised this was the case (that makes me rather less enthusiastic about RBF - I can now envision someone creating a wallet with a "double spend" button).
It does allow for most of the transaction to be replaced (still has to include at least one input to actually be replacing something). However I don't think most wallets will give you the option to double spend. I think that most wallets will only have an option to boost your fee rather than double spend the transaction. Of course, if someone was being malicious, they probably don't even need a wallet that gives them the option to double spend.
I dont see a link between broken ecdsa and rbf.
A double-spend attempt is a double-spend attempt but perhaps the attempt itself is made easier with RBF.
If ECDSA is broken by QCs and the private key can be revealed from the public key in less than 10 minutes, an attacker with a QC could find that private key and attempt to double spend the inputs in the transaction that originally had the public key. With the current node policy, if they made a double spend attempt, it would probably fail due to the first seen behavior of nodes. Those nodes would already have seen the original transaction and thus reject the double spend. With RBF, if the attacker simply increased the fee in his malicious transaction, his transaction would be able to replace the original transaction if the original had opted in to RBF. This would make stealing the coins slightly easier, but only if the transaction opted in to RBF.