This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision Next revision Both sides next revision | ||
other:win10wsl [2022/09/06 15:40] jypeter [Restoring or relocating a Linux installation] Improved |
other:win10wsl [2022/09/07 12:02] jypeter [WSL security WARNING!] |
||
---|---|---|---|
Line 988: | Line 988: | ||
===== Advanced usage ===== | ===== Advanced usage ===== | ||
+ | ==== WSL security WARNING! ==== | ||
+ | <WRAP center round important 60%> | ||
+ | A regular Linux installation (on a Linux-only computer) is fairly secure,\\ but a Linux installation on WSL is not secure at all, **by design** | ||
+ | </WRAP> | ||
+ | |||
+ | WSL+Linux is designed to allow you to easily use Linux on Windows, including **very easily using the Linux root account without knowing any password** of the Linux installation! | ||
+ | |||
+ | <code>PS C:\Users\your_login> wsl | ||
+ | wsl_default_user@your_machine:/mnt/c/Users/your_login$ whoami | ||
+ | wsl_default_user | ||
+ | |||
+ | PS C:\Users\your_login> wsl -u root | ||
+ | root@your_machine:/mnt/c/Users/your_login# whoami | ||
+ | root</code> | ||
+ | |||
+ | This is **a feature and not a security issue**, because your installation is protected by your Windows account security | ||
+ | |||
+ | You should be aware (and act accordingly) that: | ||
+ | * Somebody gaining access to your Windows account will also have full access to the Linux installation | ||
+ | * <wrap hi>Do not use an existing password for the WSL Linux account</wrap>\\ Somebody could easily extract your password information... | ||
+ | * Storing data in the Linux part of your computer does not add any extra security | ||
+ | * Always **make sure that only you can access your Windows account** | ||
+ | * Your LSCE Windows laptop (not your desktop) is encrypted with [[https://docs.microsoft.com/en-us/windows/security/information-protection/Bitlocker/bitlocker-overview|BitLocker]], which adds some extra security | ||
+ | |||
+ | * Somebody gaining access to a backup of your Linux installation will easily have access to the Linux installation itself | ||
+ | * You can store your Linux installation backup to [[https://docs.microsoft.com/en-us/windows/security/information-protection/bitlocker/bitlocker-to-go-faq|an external disk encrypted with BitLocker]] | ||
==== Creating a backup ==== | ==== Creating a backup ==== | ||