I’d kind of like Steam to have the ability to indicate games that can run offline in its Store and enforce this by running the game in a container without network access.
I run all my games in Linux and everything but Steam goes via Lutris, which I configured to, by default, launch them inside a Firejail sandbox with no network access (plus a bunch of other security-related limitations), something which I can override for specific games if needed.
It’s interesting that Steam games are actually the least secure to run in Linux, and with a configuration as I have, it’s literally safer to run pirated shit downloaded from the Internet than Steam games.
I run all my games in Linux and everything but Steam goes via Lutris, which I configured to, by default, launch them inside a Firejail sandbox with no network access (plus a bunch of other security-related limitations), something which I can override for specific games if needed.
That sounds like a neat setup! And no messing around with firewall rules either. I’ll have to look into it.
In Lutris there’s a “Command prefix” configuration option both per-game and one in the global config with the default for all games, which is where the firejail command line goes (basically for sandboxing with firejail you’re supposed to run “firejail firejail-options original-command original-options” and putting firejail and its options in “command prefix” does that).
Note that there are other sandboxing options that run in the same way as firejail but I found firejail to have more straightforward options.
Also note that this won’t sandbox the actual setup of a game, only the running of the game.
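An added example, not part of the comment above: a small wrapper script that could be set as the Lutris "Command prefix" so that network isolation is the default and specific games can opt out. The hardening options chosen, the `NET_ALLOWED_GAMES` variable, the function names and the assumption that the first argument is the game executable all belong to this example, not to the commenter's setup.

```shell
#!/bin/sh
# Wrapper intended for the Lutris "Command prefix" field (added example).
# Lutris then runs: <this-script> original-command original-options

# Print the firejail options for the game executable given in $1, one per line.
# NET_ALLOWED_GAMES (hypothetical variable) is a space-separated list of
# executable basenames that are allowed to keep network access.
firejail_opts() {
    game=$(basename "$1")
    net_opt="--net=none"    # default: new network namespace with loopback only
    for allowed in ${NET_ALLOWED_GAMES:-}; do
        if [ "$allowed" = "$game" ]; then net_opt=""; fi
    done
    # Extra restrictions picked for this example; all are standard firejail flags.
    printf '%s\n' $net_opt --noroot --caps.drop=all --nonewprivs --seccomp
}

# List network interfaces other than loopback found under directory $1
# (default /sys/class/net). Inside a --net=none sandbox this prints nothing,
# which makes it a quick check that the isolation is really in effect.
visible_ifaces() {
    dir=${1:-/sys/class/net}
    for path in "$dir"/*; do
        [ -e "$path" ] || continue
        name=$(basename "$path")
        [ "$name" = "lo" ] || printf '%s\n' "$name"
    done
}

# When called with a command line, run it inside the sandbox.
# With no arguments the script only defines the functions above.
if [ "$#" -gt 0 ]; then
    # Options contain no spaces, so unquoted expansion splits them safely.
    exec firejail $(firejail_opts "$1") "$@"
fi
```

To confirm the sandbox from the inside, running `ls /sys/class/net` under `firejail --net=none` should show only `lo`.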
You know, that’s not too unreasonable thinking about it. I’m pretty sure their Proton setup works in a similar way.
Yes please!