How about maybe support for SDDM / PAM / TTY / SystemD / more isolation #10712
Unanswered
bigmike510a asked this question in Ideas
Replies: 0 comments
I really think the best way to make WSL shine is to make it so each distribution is effectively multi-user. By multi-user, I mean having a completely separate user setup on your WSL system complete with SDDM or whatever Desktop Manager software and unique TTY / Console.
Also, each WSL instance needs to have a unique hostname. The WSL user should not be allowed to access the Windows OS really at all.
Instead, the connection to the Windows OS should be handled at the Kernel level, where the network connections etc are passed via specific modules that are designed to allow for Windows to interact with WSL and vice versa.
This will essentially create a sort of virtual isolated environment that will protect the Windows system from WSL and also protect WSL from Windows.
The two should not be super integrated, but rather super separate. Then, you should improve the ability to mount Windows FOLDERS, not entire drives, in WSL by having a little password-protected UI window that pops up when you try to do like
mount /dev/wdc0 /mnt/windows_native -o path=C:\Users\guest\SharedFolder
Here /dev/wdc0 is the device that has special Windows interaction code and the guest shared folder is the one you wish to share between Windows and WSL.
The current version of WSL2 should be renamed WSL-Lite and be explained as Linux that uses your current Windows to run Linux in an integrated format.
The next version should be WSL-Full which runs in a context separate from Windows except for the Kernel-level integration via modules, this should be much more like a VM that uses Windows resources in a non-workaround way, but via behind-the-scenes system calls or whatever.
The isolation needs to also apply to devices like USB, network devices, and more. Even the mouse should be able to be configured to use a separate mouse / keyboard by setting configuration options in a WSL Settings Dialog box.
These few changes will make Windows the greatest OS ever and totally secure from WSL-to-Windows hacks and you can get rid of that terrible terrible network bridge setup thing whatever the heck that is and instead replace it with something that lets you choose the WSL IP address and has an option to have it Isolated, NAT, or no network, and then also choose which devices to expose to WSL, be it the mouse, a USB drive, a network device, or a file folder / drive and even a GPU.
That's the only real way for this Subsystem to actually mature.