Some applications such as Natron need access to MIT-SHM or other
shared memory mechanisms. Unsharing the pid namespace
breaks the ability for applications to reference shared memory.

The desktop application and the absolute path work fine.
But consider desktop environments such as KDE where, in the application
menu, one can right click entries and pin them to widgets/panels, add
them to the desktop, etc.
Doing so effectively means copying
/run/current-system/sw/share/applications/steam.desktop to
~/.local/share/plasma_icons/ or ~/Desktop/, i.e. managed state gets
duplicated outside the nix scope.
The problem here is that steam.desktop hardcodes
Exec=/nix/store/<derivation hash>-steam/bin/steam %U
This means such copies will point at wrong/outdated derivations once
the steam package changes, i.e. widgets/panels/desktop icons will no
longer work and must be recreated.
Therefore replace the absolute path with a $PATH lookup to allow "safe"
copying; this isn't optimal but other applications such as Firefox and
Thunderbird currently behave the same way ($PATH lookup in their
.desktop file).
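
Added example, not part of the commit above: a shell check that lists copied .desktop files whose Exec= line still pins a store path that is no longer present, which is the breakage the message describes. The function names and the STORE_PREFIX override are hypothetical; only the first Exec= line is inspected and quoted Exec values are not handled.

```shell
#!/bin/sh
# Added example (not the project's code): report copied .desktop files whose
# Exec= line hardcodes a store path that no longer exists.
# STORE_PREFIX is a hypothetical override so the check can be tested off-NixOS.
STORE_PREFIX="${STORE_PREFIX:-/nix/store}"

# Print the command (first word) of the first Exec= line in a .desktop file.
desktop_exec_cmd() {
    # Strip "Exec=", then keep text up to the first space (drops %U etc.).
    sed -n 's/^Exec=//p' "$1" | head -n 1 | cut -d' ' -f1
}

# Usage: find_stale_desktop_entries DIR...
# Prints one line per stale entry: "<file><TAB><missing path>"
find_stale_desktop_entries() {
    for dir in "$@"; do
        [ -d "$dir" ] || continue
        for f in "$dir"/*.desktop; do
            [ -f "$f" ] || continue
            cmd=$(desktop_exec_cmd "$f")
            case "$cmd" in
                "$STORE_PREFIX"/*)
                    # Hardcoded store path: stale if the target is gone.
                    [ -x "$cmd" ] || printf '%s\t%s\n' "$f" "$cmd"
                    ;;
                *)
                    # Bare name ($PATH lookup) or other path: not pinned
                    # to a derivation, so a copy survives package updates.
                    ;;
            esac
        done
    done
}

# When run as a script, scan the directories given as arguments.
if [ "$#" -gt 0 ]; then
    find_stale_desktop_entries "$@"
fi
```

Typical invocation: sh check.sh ~/Desktop ~/.local/share/plasma_icons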