other:win10wsl
Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision | Next revision Both sides next revision | ||
|
other:win10wsl [2022/09/07 09:42] jypeter [Advanced usage] Started the security section |
other:win10wsl [2022/09/07 11:59] jypeter [WSL security WARNING] Improved |
||
|---|---|---|---|
| Line 988: | Line 988: | ||
| ===== Advanced usage ===== | ===== Advanced usage ===== | ||
| - | ==== WSL security WARNING ==== | + | ==== WSL security WARNING! ==== |
| - | A regular Linux installation (on a Linux-only computer) is fairly secure, but a Linux installation on WSL is not secure at all, by design. WSL+Linux is designed to allow you to easily use Linux on Windows, including easily using the Linux root account without having to know any password of the Linux installation! | + | <WRAP center round important 60%> |
| + | A regular Linux installation (on a Linux-only computer) is fairly secure,\\ but a Linux installation on WSL is not secure at all, **by design** | ||
| + | </WRAP> | ||
| - | This is not a security issue, because your installation is protected by your Windows account security | + | WSL+Linux is designed to allow you to easily use Linux on Windows, including **very easily using the Linux root account without knowing any password** of the Linux installation! |
| - | You should still be aware that: | + | <code>PS C:\Users\your_login> wsl |
| + | wsl_default_user@your_machine:/mnt/c/Users/your_login$ whoami | ||
| + | wsl_default_user | ||
| + | |||
| + | PS C:\Users\your_login> wsl -u root | ||
| + | root@your_machine:/mnt/c/Users/your_login# whoami | ||
| + | root</code> | ||
| + | |||
| + | This is **a feature and not a security issue**, because your installation is protected by your Windows account security | ||
| + | |||
| + | You should be aware (and act accordingly) that: | ||
| * Somebody gaining access to your Windows account will also have full access to the Linux installation | * Somebody gaining access to your Windows account will also have full access to the Linux installation | ||
| - | * Always make sure that only you can access your Windows account. And your LSCE Windows laptop will be encrypted with bitlocker | + | * <wrap hi>Do not use an existing password for the WSL Linux account</wrap> |
| - | * somebody gaining access to a backup of your Linux installation will easily have access to the Linux installation | + | * Storing data in the Linux part of your computer does not add any extra security |
| - | * You can save your backup to an external disk encrypted with bitlocker | + | * Always **make sure that only you can access your Windows account** |
| + | * Your LSCE Windows laptop (not your desktop) is encrypted with [[https://docs.microsoft.com/en-us/windows/security/information-protection/Bitlocker/bitlocker-overview|BitLocker]], which adds some extra security | ||
| + | |||
| + | * Somebody gaining access to a backup of your Linux installation will easily have access to the Linux installation itself | ||
| + | * You can store your Linux installation backup to [[https://docs.microsoft.com/en-us/windows/security/information-protection/bitlocker/bitlocker-to-go-faq|an external disk encrypted with BitLocker]] | ||
| ==== Creating a backup ==== | ==== Creating a backup ==== | ||
other/win10wsl.txt · Last modified: 2023/12/06 13:24 by jypeter
