M$ acts like M$. they won't give direct access to Linux drives even if they technically can. They need Linux kernel to run obsolete windows from it (virtualization ?). They won't allow Linux to rise higher than some container that works as a layer on behalf of Windows OS. Why would they allow people to use ext4 when they have different goals and it is not about mainstream usage.

"only for secondary phisical drives"
they will patch it out soon :)

what about risks of getting your Linux system damaged by Windows? also viruses and other "scripts" that can seriously alter your Linux partition without keeping Linux privileges.

Originally posted by Cat on Linux:

what about risks of getting your Linux system damaged by Windows? also viruses and other "scripts" that can seriously alter your Linux partition without keeping Linux privileges.

I guess that's why it is done by mounting it inside WSL2 (which actually uses a version of the linux kernel in parallel with the windows kernel) and only then Windows Explorer sees it...

(Thankfully) I don't have it here so can't really test the details, but my guess is that WSL2 will ensure permissions are handled properly since that's needed inside WSL2 in general too.

Originally posted by Marlock:

Originally posted by Cat on Linux:

what about risks of getting your Linux system damaged by Windows? also viruses and other "scripts" that can seriously alter your Linux partition without keeping Linux privileges.

I guess that's why it is done by mounting it inside WSL2 (which actually uses a version of the linux kernel in parallel with the windows kernel) and only then Windows Explorer sees it...

(Thankfully) I don't have it here so can't really test the details, but my guess is that WSL2 will ensure permissions are handled properly since that's needed inside WSL2 in general too.

can it have root permissions? that would be nice way to infect Linux machines from compromised Windows OS.

No idea... probably yes, considering the purpose of WSL is running linux stuff inside windows so it's all about convenience, not actual best security practices in the first place?

In any case, 3rd-party software without admin priviledges can open and even write to EXT4 from inside Windows since before WSL even existed (eg: https://www.howtogeek.com/112888/3-ways-to-access-your-linux-partitions-from-windows/), so a windows virus in theory already could implement the same code to be able to target neighbour linux partitions from windows on its own... given how excessive the powers of a non-privililedged app on windows are, if the disk is plugged in and has no full disk encription or LUKS in place, it was vulnerable already.

WSL may put the possibility into a spotlight for malware developers, but isn't really innovating, only making it more convenient out-of-the-(sand)box

Finally, the secondary disk needs to be mounted via a command that, if I got the idea right, is ran inside WSL2 and not directly on Windows, so some extra steps would need to be taken there to make it happen without user interaction from a malicious .exe running outside it... not that I think it's impossible, just non-trivial.

I'd say if you're concerned about Windows malware infecting a Linux partition, you probably should reconsider dual-booting period, regardless of whether or not Windows ships with the ability to read/write ext4 filesystems. I would instead strongly encourage running Windows and Linux on separate machines, or running Windows in a VM (via KVM or Xen if you wanna do GPU passthrough).

Originally posted by Marlock:

https://www.omgubuntu.co.uk/2020/09/wsl-2-access-ext4-from-windows-10

It works by mounting a secondary disk inside WSL2 (Windows Subsystem for Linux) and explorer.exe recently managed to handle that already, so thd new drive goes in there as well and you're done.

Except... it's only for secondary phisical drives, not other partitions on your main drive (due fears of destroying the main partition holding the OS, maybe? not mentioned why)

...and it also seems to only work in Windows Explorer, not for serving files transparently to 3rd-party apps like Steam (Windows)... ...for now.

Stay tuned for more Microsoft Linux weirdness in 2020

ps: this at least makes it easier for dualbooters to access linux stuff from windows and not just windows stuff from linux

Nice to know
thanks for sharing

There is a way to make it functional for other programs through a series of PowerShell commands. This can be used to create a drive letter. You can even do this using a script.

Having access from Windows Explorer does make it a lot easier to get the WindowsNT system URI for drive access to create a drive letter.

Originally posted by Aoi Blue:

There is a way to make it functional for other programs through a series of PowerShell commands. This can be used to create a drive letter. You can even do this using a script.

Having access from Windows Explorer does make it a lot easier to get the WindowsNT system URI for drive access to create a drive letter.

cool!

so actually using the drive in windows software is also good to go, though not as easily accessible yet

they sure took their sweet time ;)

Originally posted by Marlock:

Stay tuned for more Microsoft Linux weirdness in 2020

yep.

Originally posted by Cat on Linux:

that would be nice way to infect Linux machines from compromised Windows OS.

i have been hearing rumors about that threat for a few weeks, but havent had time to investigate the possible attack vectors.

Originally posted by Aoi Blue:

There is a way to make it functional for other programs through a series of PowerShell commands. This can be used to create a drive letter. You can even do this using a script.

you can use PS commandlets to map/mount a given path to a drive letter (this has been around for a while, but had some issues with permission inheritance. i am not sure if it was fixed)
did they come up with a different way?

Originally posted by meheezen:

i have been hearing rumors about that threat for a few weeks, but havent had time to investigate the possible attack vectors.

Starting point: Linux keeps all data in text files, protected by root privileges on Linux systems and just text files if you access it from outside. some files are read-only, protected by system but will act like common files if accessed from Windows.
To execute something you just have to add malicious command/file to loading scripts, often these would be executed on boot with root privileges or as sudoer.

I take it Windows 7 has no ability to "see" ext4 drives so there's no issue to dual boot, right?

Originally posted by Cat on Linux:

I take it Windows 7 has no ability to "see" ext4 drives so there's no issue to dual boot, right?

As I mentioned earlier:

In any case, 3rd-party software without admin priviledges can open and even write to EXT4 from inside Windows since before WSL even existed (eg: https://www.howtogeek.com/112888/3-ways-to-access-your-linux-partitions-from-windows/), so a windows virus in theory already could implement the same code to be able to target neighbour linux partitions from windows on its own... given how excessive the powers of a non-privililedged app on windows are, if the disk is plugged in and has no full disk encription or LUKS in place, it was vulnerable already.

In short, if the drive is plugged and data is not encrypted, it can be tampered and if it's encrypted it can only be destroyed.