Saturday, August 19, 2017

Dangerous commands in Bash on Ubuntu on Windows can affect the host

One user wondered whether it was possible for dangerous commands run inside a Bash on Ubuntu on Windows prompt to affect the Windows system. It is possible, because WSL exposes mount points to the host file system inside the Linux environment. For example, /mnt/c maps to the Windows C: volume.

I ran a little experiment to see how much a command inside WSL could damage the host. In a Windows 10 VM's Bash prompt, I ran the system-destroying sudo rm -rf / --no-preserve-root. After it finished, Linux was broken and all the test Windows user's personal files and folders were deleted, but the Windows system itself was still fine. Then I rolled the VM back to before the command and tried it again, but with Bash run as administrator. This time, more Windows files were deleted, and after a reboot, the VM bluescreened with CRITICAL_SERVICE_FAILED.

Clearly, dangerous commands inside WSL can damage the host Windows system. Untrusted code shouldn't be run inside the Bash prompt.
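
As an added example (not part of the original post), these shell functions list which Windows volumes are mounted inside WSL and whether each is writable, which is the set of host files a command in the Bash prompt can reach. It assumes host drives appear in /proc/mounts with type drvfs (or type 9p with drvfs in the options on newer WSL versions); the function names and the sample table are constructed for illustration.

```shell
#!/bin/sh
# Added example: report Windows volumes mounted inside WSL and their mode.
# Assumption: host drives appear in the mount table with type "drvfs",
# or type "9p" with "drvfs" in the options on newer WSL versions.

# list_host_mounts [TABLE]
# TABLE is a file in /proc/mounts format (default /proc/mounts, "-" = stdin).
# Prints "<mount point> <rw|ro>" for each host volume.
list_host_mounts() {
    awk '
        $3 == "drvfs" || ($3 == "9p" && $4 ~ /drvfs/) {
            mode = "ro"
            n = split($4, opts, ",")
            for (i = 1; i <= n; i++)
                if (opts[i] == "rw") mode = "rw"
            print $2, mode
        }
    ' "${1:-/proc/mounts}"
}

# count_writable_host_mounts [TABLE]
# Number of host volumes mounted read-write. What can actually be changed
# still depends on the Windows permissions of the account running Bash.
count_writable_host_mounts() {
    list_host_mounts "$1" | awk '$2 == "rw" { c++ } END { print c + 0 }'
}

# Constructed sample mount table (hypothetical, not captured from a real system).
sample_mount_table() {
    cat <<'EOF'
rootfs / lxfs rw,noatime 0 0
C: /mnt/c drvfs rw,noatime 0 0
D: /mnt/d drvfs ro,noatime 0 0
EOF
}

# Demo on the constructed table; run list_host_mounts with no argument
# inside WSL to audit the real mount table.
sample_mount_table | list_host_mounts -
echo "writable host volumes: $(sample_mount_table | count_writable_host_mounts -)"
```

Any volume reported as rw is reachable by whatever runs in that Bash session, so the listing shows what is at stake before running code there.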
