1

Does adding a non-root user do anything except hinder your own ability to make mistakes? Given the new updates on file perms in WSL2 (docs on file perms, more docs), doing everything as root on linux might actually be more secure (maybe I'm wrong here though).

Relevant conversation on the WSL github: https://github.com/Microsoft/WSL/issues/53

belkarx
  • 1,207
  • 2
  • 18

1 Answers1

1

Yes.

Imagine an attack which allows arbitrary code execution, escape to shell, etc. Would you want this attacker to have root privilege or the privileges of a user which only has access to what is needed to run the service?

For most the answer is limited privileges.

foreverska
  • 1,115
  • 11
  • Ah I wasn't thinking, thanks. The information available on how perms (on files and execution) transfer over between the windows host and WSL was a bit unclear and I was under the impression that there wouldn't be a difference between, for example, popping a shell from a root vs user account. But I can see how arbitrary code execution within the environment has potential to do damage in much the same way as on a native Linux install – belkarx Mar 10 '22 at 00:30