[silverscania]

"WSL is a supplemental feature that runs a Linux image in a near-native environment on Windows, allowing for functionality like command line tools from Linux without the over-head of a virtual machine."

But since WSL 2 it does use a VM. According to wikipedia:

"a real Linux kernel,[4] through a subset of Hyper-V features." "with a Linux kernel running in a lightweight virtual machine environment."

edit: unless they mean user overhead of getting it to work. I kind of read it as performance overhead.

[cookiengineer]

> But since WSL 2 it does use a VM.

As a related sidenote: Try doing an apt install metasploit inside a "VM" while an antivirus is running on the host.

You'll soon realize that the "VM" will be bricked by quarantine actions on the NTFS based filesystem, which kind of defeats the reason of the V in VM.

I fear once more people realize this, there'll be NTFS stream based "hidden" malware and other filesystem rights abusing tools everywhere all over again.

[glitchc]

That’s because the VM has hooks into the host filesystem though, isn’t it? Does it still happen if the VM is fully isolated from host resources (files, ports, devices)?

[_0ffh]

Wouldn't simply activating file-level encryption in the Linux subsystem be enough to throw off Windows-based AV scanners?

[cookiengineer]

I didn't test whether or not LUKS or similar filesystem level encryptions are transparently mapped to the Windows kernel.

Might be a good way to avoid this behavior. The default (from the Windows Store) Ubuntu based VM however doesn't use filesystem level encryption, and every folder or file inside the "VM" is available somewhere buried in the Roaming folders.

[_0ffh]

Yeah, you'd have to install LUKS or eCryptfs or something, but I think it would be worth a try. I expect Windows would only see the encrypted files then.

[wongarsu]

When installing WSL you can still choose if you want to use WLS 1 or WSL 2, and you can switch between them. If you keep your files not in the WSL filesystem, WSL 1 is still the recommended choice because of the lower overhead for file access.

Plus WLS 1 is marginally easier to install because you don't have to enable Hyper-V

[geitir]

You also don't get "vmmem" process that eats memory and doesn't give it back

[deelowe]

I recently updated my visual studio code development environment and it depends on WSL 2 now. It seems to be that this is the direction MS is heading.