It is somewhat inconvenient to have to set up a dedicated user for Steam and then have to switch between users for gaming on Steam with one account and for other activities on another account. The documentation recommends installing Steam on a non-wheel user account. If you try to run steam-install for a user in the wheel group, you get the following message:
Please, consider setting up a dedicated OS user account for Steam.
Otherwise each and every Steam game will have unrestricted access to your files.
If you really couldn't care less, you can suppress this message with
--allow-stealing-my-passwords,-browser-history-and-ssh-keys flag.
So I'm wondering. Is Steam a security risk on Linux also? Is there something particular about the way Steam works on FreeBSD that makes it a security risk (moreso than on Windows or Linux)? Or is this mainly a bit of caution/paranoia simply because we're dealing with closed-source binaries instead of open source? And would there be any drawbacks to removing the wheel group from my main user and adding my main user account to the sudoers file so that I can still do actions as root when necessary and safely use Steam with my main user? Or does this not address the security concerns? I assumed at first that the concern was about Steam or games somehow gaining root privileges because of being in the wheel group. Is this the concern? Or is it only about the possibility of access to files, browser history, ssh keys, or other sensitive data in the home directory? But also, why is Steam singled out for this treatment? There is other closed-source software in FreeBSD ports that doesn't include dire warnings like this.
Please, consider setting up a dedicated OS user account for Steam.
Otherwise each and every Steam game will have unrestricted access to your files.
If you really couldn't care less, you can suppress this message with
--allow-stealing-my-passwords,-browser-history-and-ssh-keys flag.
So I'm wondering. Is Steam a security risk on Linux also? Is there something particular about the way Steam works on FreeBSD that makes it a security risk (moreso than on Windows or Linux)? Or is this mainly a bit of caution/paranoia simply because we're dealing with closed-source binaries instead of open source? And would there be any drawbacks to removing the wheel group from my main user and adding my main user account to the sudoers file so that I can still do actions as root when necessary and safely use Steam with my main user? Or does this not address the security concerns? I assumed at first that the concern was about Steam or games somehow gaining root privileges because of being in the wheel group. Is this the concern? Or is it only about the possibility of access to files, browser history, ssh keys, or other sensitive data in the home directory? But also, why is Steam singled out for this treatment? There is other closed-source software in FreeBSD ports that doesn't include dire warnings like this.