Install Steam
login
|
language
简体中文 (Simplified Chinese)
繁體中文 (Traditional Chinese)
日本語 (Japanese)
한국어 (Korean)
ไทย (Thai)
Български (Bulgarian)
Čeština (Czech)
Dansk (Danish)
Deutsch (German)
Español - España (Spanish - Spain)
Español - Latinoamérica (Spanish - Latin America)
Ελληνικά (Greek)
Français (French)
Italiano (Italian)
Bahasa Indonesia (Indonesian)
Magyar (Hungarian)
Nederlands (Dutch)
Norsk (Norwegian)
Polski (Polish)
Português (Portuguese - Portugal)
Português - Brasil (Portuguese - Brazil)
Română (Romanian)
Русский (Russian)
Suomi (Finnish)
Svenska (Swedish)
Türkçe (Turkish)
Tiếng Việt (Vietnamese)
Українська (Ukrainian)
Report a translation problem
Discussions Rules and Guidelines
Report this post
No. This is an unintended side effect of Valve's development team consisting of Muppets.
They wrote Steam with complete and utter disregard for the folder permission model and multi-user account segregation in Windows. Instead, Steam is written like old applications from the early '90s: dump everything into the installation folder and manage it there.
Hence all Windows user accounts have access to the same pool of Steam users. And any Windows user is able to auto-login to Steam using the remembered auto-login credentials of any Steam account last accessed by any Windows user on the system.
Also; things get really fun when multiple Windows users simultaneously try to run the Steam client. (Please don't try it. Bad things happen.)
-------------------------
Of course you may wonder how they pull that off when normal user accounts and token-split administrators that haven't elevated with UAC yet, generally shouldn't have write permissions granted to them for application install folders. Certainly not for anything below the default Program Files location.
Well... Valve found a way around that. Steam installs a Windows Service component called the Steam Service, which runs under the SYSTEM user - i.e. the end-all-be-all can-do-anything 'root' account. When the Steam client starts, it tells Windows to start that service. When that service starts, it uses its root powers to give write permission to all users for the entire Steam folder, as well as some areas of the Windows registry.
And yes; that is as sensitive to security problems and exploitation as you think it would be.
In fact: it actually did contain a bug that created a trivial permission elevation vulnerability allowing malicious actors to exploit Steam to access any folder or registry segment on the system with full access; and by extension to set up situations where they could get the SYSTEM user to run arbitrary code of their choosing. First discovered around 2014. Finally patched by Valve in 2018~2019, half a decade later, because the last person to report it was fed up with their inaction and went public with a proof of concept.
Well, I wasn't in the steam beta, but I opted in and this sort-of fixed it for me.
When I now switch windows users, and start steam, it will kill steam for the other user, but it does login in with the right user for that account.
If you want Steam to be separate per Windows accounts install Steam to different location/drives for each Windows accounts.
For Drives
Windows 1 installs Steam to C:\
Windows 2 installs Steam to D:\
For locations Install Steam to the users Windows Account
Windows 1 installs Steam to C:\Users\WindowsAccount_1\
Windows 2 installs Steam to C:\Users\WindowsAccount_2\
Be sure that the Steam Desktop shortcut is links to the correct WindowsUser/Steam install