-
Improve WSL Security with Read-Only Filesystem
By default, all Windows drives are mounted with read & write access (rw) within WSL . Though this is convenient for beginners, it opens up VM shell attacks on your Windows host files.
Instead, we can disable the auto mount feature using
wsl.confand selectively add read-only drives inside the WSL VM using/etc/fstabOverview
- Deactivate “auto mount” in
/etc/wsl.conf - Enable fstab using
MOUNTfStAB = trueinwsl.conf - test config files and mounting work well
- reboot the wsl VM to complete the setup
Example WSL Config
wsl.confPlace this inside the /etc/ directory on the WSL VM
- Deactivate “auto mount” in
-
A Timeless Directory Layout for All of your Projects
Directory layouts are like log cabins that start from a basic shed, gradually adding a room at a time. When you start out on UNIX, everything gets thrown in your home directory. Over time you start to develop a structure for your sources, binaries, projects, data files (like CSV, images, tar files), config, etc
My layout is called TDL – because it allows me to juggle open source projects, partnerships and jobs in a consistent structure across machines and time.
Tony Metzidis
Software Developer