
Yes, I think that this is actually very common and we just don't hear about it much.

Most of these online multiplayer games are implemented with heaps of unsafe C++, and due to the nature of the game, are constantly parsing inputs from the network, and from other clients. This is a recipe for disaster!

For this reason I will only run modern games in some sort of sandbox, ideally in a VM with GPU passthrough, or maybe run them on a dedicated system that is only used for games.

Even in a VM, exploiting it would give access to the passed-in GPU, and from there I'm not totally sure what is possible, so even this isn't perfect, but it's quite a lot better than nothing.

Normally people are launching the game through the Steam GUI under their regular uid, so CS:GO, for example, with this setup can read and write to all of the data in ${HOME}. That's pretty scary!

Even running Steam through flatpak doesn't give you much protection when sharing the X11 socket.

I think the most reasonable setup for the "average user" is to create a separate user account on their system that is dedicated to gaming. You can run graphical sessions for both users at the same time and switch between them via whatever method (I would just switch between multiple ttys). Users on Unix-like systems in theory should not be able to interfere with other users, or even harm the system so long as they can't escalate to root. It's important to realize that there are situations where an unpriv'd user can harm the system, like if there is a bug with sudo, or a kernel exploit! I think it's much better than the default though!
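
An added example, not part of the comment above: a separate gaming account only protects the main account's ${HOME} if that directory's mode bits actually shut other users out, so this script checks for that. The function names are hypothetical, and it assumes GNU stat/find on Linux and looks only at classic mode bits (not ACLs or shared groups).

```shell
#!/bin/sh
# Added example: checks whether accounts other than the owner (for example a
# dedicated gaming user) can reach a home directory via classic mode bits.
# Assumes GNU stat/find (Linux). ACLs and shared groups are not examined.

# Print the "other" permission digit (0-7) of a path.
other_bits() {
    mode=$(stat -c '%a' "$1") || return 2
    echo $((mode % 10))
}

# Succeed only if "other" has no read, write or traverse bit on the directory.
home_is_private() {
    [ "$(other_bits "$1")" = 0 ]
}

# List entries up to two levels down that any local user may write to.
# Symlinks are skipped because their own mode bits are meaningless.
world_writable_entries() {
    find "$1" -mindepth 1 -maxdepth 2 ! -type l -perm -0002 2>/dev/null
}

# Report for one home directory; non-zero exit status means it is exposed.
audit_home() {
    status=0
    if home_is_private "$1"; then
        echo "ok: $1 is closed to other users"
    else
        echo "exposed: $1 grants other users mode bits $(other_bits "$1"); consider chmod 700"
        status=1
    fi
    writable=$(world_writable_entries "$1")
    if [ -n "$writable" ]; then
        echo "world-writable entries:"
        echo "$writable"
        status=1
    fi
    return $status
}

# Run against a directory given on the command line, e.g. ./audit.sh "$HOME"
if [ "$#" -gt 0 ]; then
    audit_home "$1"
fi
```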


