Users of Valve's Steam digital distribution platform have warned of a nasty bug in the Linux version, capable of wiping out all files owned by the user across all drives on a system.
Launched as a beta back in February 2013 following closed testing the year before, Steam for Linux provides access to Linux-specific and cross-platform games on most variants of the open-source operating system. It operates identically to the Windows and OS X variants, and was developed by the company both in response to customer demand and as the central pillar of its own SteamOS Linux-based gaming-centric operating system. By and large, its launch went smoothly - but users have now discovered a rather nasty bug.
Brought into view in a bug report on Valve's GitHub repository, the flaw is both simple and horrible: the script which runs the Steam client can, in certain circumstances, erase every single file owned by or with write permissions for the current user from a computer system - including those located on external drives or certain types of network drives.
The problems comes from a line in steam.sh which simply reads 'rm -rf "$STEAMROOT/"*'. This line, called when the script is run with the --reset_steam option, is designed to delete all files under Steam's data directory in preparation of beginning again. Unfortunately, users have found that it is also executed when the Steam data directory is missing - and when it's missing, the $STEAMROOT variable expands as empty. The result: the command actually run is 'rm -rf "/"*' - an instruction to delete every single file on the system recursively. Although file permissions will prevent non-root users from deleting operating system files, the instruction is enough to wipe every single file owned by the user on any mounted drive.
'I looked and saw that steam had apparently deleted everything owned by my user recursively from the root directory. Including my 3tb external drive I back everything up to that was mounted under /media,' user keyvin wrote in his report. 'Everything important, for the most part, was in the cloud. It is a huge hassle, but it is not a disaster. If there is the chance that moving your steam folder can result in recursively deleting everything in the directory tree you should probably just throw up an error instead of trying to point to other stuff.'
The bug is similar to a known issue with the Windows release, but while that is an issue only if Steam is installed to a directory containing other files the Linux client flaw is more wide-ranging. Numerous suggestions - and even patches - have been offered by the community to resolve the issue, with Valve yet to respond.
Launched as a beta back in February 2013 following closed testing the year before, Steam for Linux provides access to Linux-specific and cross-platform games on most variants of the open-source operating system. It operates identically to the Windows and OS X variants, and was developed by the company both in response to customer demand and as the central pillar of its own SteamOS Linux-based gaming-centric operating system. By and large, its launch went smoothly - but users have now discovered a rather nasty bug.
Brought into view in a bug report on Valve's GitHub repository, the flaw is both simple and horrible: the script which runs the Steam client can, in certain circumstances, erase every single file owned by or with write permissions for the current user from a computer system - including those located on external drives or certain types of network drives.
The problems comes from a line in steam.sh which simply reads 'rm -rf "$STEAMROOT/"*'. This line, called when the script is run with the --reset_steam option, is designed to delete all files under Steam's data directory in preparation of beginning again. Unfortunately, users have found that it is also executed when the Steam data directory is missing - and when it's missing, the $STEAMROOT variable expands as empty. The result: the command actually run is 'rm -rf "/"*' - an instruction to delete every single file on the system recursively. Although file permissions will prevent non-root users from deleting operating system files, the instruction is enough to wipe every single file owned by the user on any mounted drive.
'I looked and saw that steam had apparently deleted everything owned by my user recursively from the root directory. Including my 3tb external drive I back everything up to that was mounted under /media,' user keyvin wrote in his report. 'Everything important, for the most part, was in the cloud. It is a huge hassle, but it is not a disaster. If there is the chance that moving your steam folder can result in recursively deleting everything in the directory tree you should probably just throw up an error instead of trying to point to other stuff.'
The bug is similar to a known issue with the Windows release, but while that is an issue only if Steam is installed to a directory containing other files the Linux client flaw is more wide-ranging. Numerous suggestions - and even patches - have been offered by the community to resolve the issue, with Valve yet to respond.
MSI MPG Velox 100R Chassis Review
October 14 2021 | 15:04
Want to comment? Please log in.
Posted by will_123 - Fri Jan 16 2015 10:38
Posted by Gareth Halfacree - Fri Jan 16 2015 10:42
Rule Number the Second of Bash Scripting: If you thought carefully and the answer was 'yes,' get someone else to write the script for you. Go sit in the corner and think about what you've done.
Remember Bumblebee? Guy wrote an install script which cleaned out old files when run. It was *supposed* to execute "rm -rf /usr/lib/nvidia-current/xorg/xorg". Trouble is, the author added a space - which was then committed and rolled out without testing. The command became "rm -rf /usr /lib/nvidia-current/xorg/xorg" - which turned "delete everything in and below the directory usr/lib/nvidia-current/xorg/xorg" into "delete everything in and below the directory /usr and the directory /lib/nvidia-current/xorg/xorg" Bye-bye, files.
Posted by will_123 - Fri Jan 16 2015 11:00
Posted by schmidtbag - Fri Jan 16 2015 14:05