Gnucash password protection and encryption

Derek Atkins warlord@MIT.EDU
01 Mar 2001 15:56:51 -0500 

I agree that Gnucash should not have builtin local-file encryption.

Since Unix is a multi-user environment, you can protect the files by
having different people log into different accounts.  One thing we may
want to do is make sure that Gnucash data files are mode 600 by
default (or perhaps give the user an option to set the mode bits, with
the default being mode 600).

If the data files are mode 600, then only the owner can modify them.
This will protect you from other non-root-users on your system.  If
you are REALLY worried about, say, the police coming and reading your
files, then you should use something like CFS, as suggested, to just
encrypt the whole disk.

Note that this argument does break down if you use a network file
system.  In that case, you probably want to move to a network-based
client/server system with on-the-wire data encryption, and then you
can use username/password (or other authentication) to prove to the
server that you have access to the files.  But this is a ways off from
now.

-derek

Robert Graham Merkel <rgmerk@mira.net> writes:

> linas@linas.org writes:
>  > Hi,
>  > 
>  > Sounds like not a bad idea,  you should pursue this on the
>  > gnucash-devel@gnucash.org mailing list.
>  > 
>  > --linas
>  > 
>  > It's been rumoured that Booster said:
>  > > 
>  > > 
>  > > Hello,
>  > > 
>  > > I am using Gnucash regularly, its really great.
>  > > 
>  > > But I have one problem, security.
>  > > 
>  > > Could you please add an option to protect the saved files with a password, or 
>  > > better, call gnupg to encrypt the files when saving them ? And then extract 
>  > > them when loading ?
>  > > 
>  > > What do you thing of that ?
>  > > 
>  > > Thanks very much for your great work.
>  > > 
>  > > CU Booster
> 
> While this might sound like a good idea, it has some problems which
> make the improved security somewhat illusory.  
> 
> The following thread in the mail archives provides a good argument for
> *not* providing such a facility from within gnucash:
> 
> http://www.gnumatic.com/pipermail/gnucash-devel/2000-September/000765.html
> 
> Note in particular the suggestion to use an encrypted filesystem like
> CFS instead.
> 
> ------------------------------------------------------------
> Robert Merkel	                           rgmerk@mira.net
> 
> <telsa> I left my client on #gtk+ overnight and there was nothing 
> in scrollback at all except quit/rejoins.
> <bighead> telsa: well its been that for, I think 3 days now 
> (ever since started coming back on IRC)
> <telsa> Clearly they are busy implementing telepathy, 
> and dog-fooding it. :) 
> ------------------------------------------------------------
> 
> _______________________________________________
> gnucash-devel mailing list
> gnucash-devel@lists.gnumatic.com
> http://www.gnumatic.com/cgi-bin/mailman/listinfo/gnucash-devel

-- 
       Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
       Member, MIT Student Information Processing Board  (SIPB)
       URL: http://web.mit.edu/warlord/    PP-ASEL-IA     N1NWH
       warlord@MIT.EDU                        PGP key available