(Update: VALVe has removed the worst recommendations that I described below. I don't know if my article had any influence on this. They still want to run the Steam as a service though).
I originally planned to use this blog for work-related stuff only, but the VALVe drove me mad, so I decided to write this.
I run Vista on my home PC (and at work too, actually), and all of us run as non-admins (not Vista's protected admin, but real non-admin). My son plays Counter Strike, and thus has to run Steam. It worked mostly fine, until recently it started to ask to install Steam as a service. Well, a service for internet-facing software seems not good. Before installing, I decided to find out more about it, and the finding are much worse than I've ever expected. Here is an official FAQ from VALVe that I've found:
Here are some of the recommendations from this FAQ:
- Go to: Start > Run and type in: cmd
- Type in the following:
net localgroup Administrators /add Local service
- Restart your computer.
To put it simply, they ask to add Local service account to Administrators group! Apparently, they did not bother to find out the list of specific permissions they need, but simply figured out that administrator permissions "fix" the problem. That alone would be pretty bad, but they did even worse. Instead of creating special account for Steam or using some account that already has administrative permissions, they want to add account shared by multiple services to Administrators group, thus making not only their service, but all the services running on the machine much more dangerous and less secure.
Then VALVe gives even stranger recommendation:
If during this process you receive the error: System error 5 has occurred. Access is denied Please follow these instructions and then try the above steps again:
- Go to Start > Control Panel > System & Maintenance > Administrative Tools > Local Security Policy.
- In the left pane, expand Local Policies > Security Options.
- Double-click Network Security LAN Manager Authentication Level.
- In the drop down list, change the default setting (NTLMv2 only) to Send LM & NTLM - use NTLMv2 session if negotiated.
Changing LanMan level for Vista Home users to completely unsecure level? Maybe I'm missing something, but I can't see any reason to do this. This setting affects authentication to remove computers (mostly affects NT domain, should be of no concern to internet game), it would not help one to avoid local Access Denied while performing the steps above. It is not only completely unsecure, but IMO it also does not make any sense at all.
So these guys
1) don't understand anything about security,
2) can't write software that does not require administrative privileges,
3) don't even try to use the specific minimum list of permissions,
4) ask user to make completely unreasonable and unsecure configuration changes to OS configuration, that affect not just Steam service, but the whole machine,
5) want to run network-facing service with admin rights.
Now would you trust the guys who are clueless about security, obviously can't write secure code, and apparently don't care about YOUR machine security at all, to run network-facing service with admin rights on your machine? I don't. I think I'll try stay away from them from now on.
P.S. As with everything else in this blog, this post represents my personal opinion, and does not represent the view of my employer.