$alvador
TD Member
http://www.theregister.co.uk/2015/01/17/scary_code_of_the_week_steam_cleans_linux_pcs/
So yeah, Steam client for Linux likely a total hack job. Even a novice should know not to do something so insecure. This makes me think that Valve probably outsoured a bunch of the work to freelancers
Linux desktop gamers should know of a bug in Valve's Steam client that will, if you're not careful, delete all files on your PC belonging to your regular user account.
According to a bug report filed on GitHub, moving Steam's per-user folder to another location in the filesystem, and then attempting to launch the client may perform the following heart-stopping command: rm -rf /*
code in question:
Code:# figure out the absolute path to the script being run a bit # non-obvious, the ${0%/*} pulls the path out of $0, cd's into the # specified directory, then uses $PWD to figure out where that # directory lives - and all this in a subshell, so we don't affect # $PWD STEAMROOT="$(cd "${0%/*}" && echo $PWD)" # Scary! rm -rf "$STEAMROOT/"*
So yeah, Steam client for Linux likely a total hack job. Even a novice should know not to do something so insecure. This makes me think that Valve probably outsoured a bunch of the work to freelancers