August 6, 2007

I'm in ur OS bypassin ur UAC

Forgive the LOLCat speak, but I felt it appropriate.

The new Steam update came out today, and from the Settings dialog you can opt into the Steam Community beta. (My page is located here.)

If you're running Vista, the Steam Service gets installed as part of the update. As far as I can tell, the service exists solely for the purposes of bypassing UAC so that Valve can write into the Program Files folder at will.

Gee, wouldn't it have been easier just to code to the Windows development guidelines in the first place? My only real problem with Steam is that it replaces one set of guidelines for another, completely incompatible set of guidelines.

Blech.

5 comments:

Andrew Timson said...

If Steam kept its file access to the My Documents folder, though, then each Steam user on a system would end up with their own copy of the installed software, instead of one copy of each game usable by everybody on the system. For stuff like the recent rereleases of Doom, 10 MB here or there might not matter, but with a multigigabyte game like Half-Life 2 I don't think it's really viable to have one copy of the game for each and every user on the system.

Michael Russell said...

CSIDL_COMMON_APPDATA points to a folder that is shared between users on a machine for common files to be shared between users, but not as part of their "My Documents" structure.

aiusepsi said...

Better still, shift all the piddly config file data out to either all user appdata, or the user appdata, depending on what it is, and elevate when doing heavy lifting like self updates, game updates, or installing games, because that stuff should need explicit admin authorisation.

Hopefully this is just an interim hacky solution. What makes me kinda mad though is Vista was beta/CTP/RC for ages, everyone knew UAC was coming and the implications, so there was plenty of time to get a proper solution working. Instead we've got this nearly a year on. Sigh.

Sarkie said...

We recently had to update one of our software solutions so that it wrote to Common App Data, and then create an .ini so we know where it is on the system. It may have taken a bit of time to update the code, but this who you are supposed to do it.

Craig said...

To Quote a Valve Employee:

"Valve doesn't control all of the code for all of the games in Steam. It's nice to say "everyone should just make their code work like Vista wants it to", but we can't do that when we are shipping a game created by someone else four years ago that is no longer actively developed.

That game will most likely expect to be able to write to your "Program Files" directory. It will most likely require writing registry keys in HKEY_LOCAL_MACHINE instead of HKEY_CURRENT_USER (needs Admin privileges) both at install time and at run-time. Furthermore, placing all your configuration and data files inside your user folder isn't a good model for Steam. We are distributing large amounts of content via Steam that is intended to be shared by users across the machine. The directory layout in Vista is not really designed to support content distribution systems like this, it's designed for every single game using a seperate standard .msi installer. Vista's user model also isn't designed to support code like VAC. VAC is doing low level work to check out other running processes memory space and find cheats, some of the work it does can't occur without escalating privileges. In this respect it acts much more like an Antivirus program than anything else. And guess what? All your antivirus software is installing services isn't it? Why aren't you alarmed at that? You probably also know that PunkBuster and other similar software already does the same thing and installs a service in order to get it's job done. Yes, before we did every single one of these operations the Steam process itself could try to escalate its permissions and you as a user would be warned and asked to allow it, but the number of warnings would be painfully large and would be confusing to most users. We don't like that option. Instead we have the Steam service, you install it once and you tell Vista at that time that you trust Steam to install this piece of signed code.

Security wise all of the service executables are signed code and have a very limited set of abilities. By installing the service you are letting Steam perform some administrative operations on your machine. However, due to the security model built into the service and due to the fact that the code is signed you are not opening up your machine for just any piece of code to abuse the service and hack your machine. Letting Steam do this is just like letting a .msi installer for a game have Administrative privileges at run-time or allowing your Antivirus software to install a service. By using the service we are just saying "you only have to authorize us once", instead of causing you to be constantly prompted each time you install or run many games.

Ultimately its your choice, we cannot force you to install the service. Vista will always warn you that Steam is trying to escalate privileges when the service installation occurs. If you are unhappy with it, then don't install it. However, if you don't install it Steam and many games will be broken in subtle ways and we can't gurantee things will work as expected. The service is going to be an integral part of Steam on Vista and by choosing not to install it you are choosing to prevent your Steam installation being fully functional."