By default, all Windows drives are mounted with read & write access (rw) within WSL . Though this is convenient for beginners, it opens up VM shell attacks on your Windows host files.

Instead, we can disable the auto mount feature using wsl.conf and selectively add read-only drives inside the WSL VM using /etc/fstab

Overview

1. Deactivate "auto mount" in /etc/wsl.conf
2. Enable fstab using MOUNTfStAB = true in wsl.conf
3. test config files and mounting work well
4. reboot the wsl VM to complete the setup

Example WSL Config wsl.conf

Place this inside the /etc/ directory on the WSL VM …

Continue reading