Feature discussion: Access restriction for gnucash files by password

Derek Atkins warlord at MIT.EDU
Wed Jun 26 14:20:33 EDT 2013

Geert Janssens <janssens-geert at telenet.be> writes:

>> > What do you think?
>> I think users shouldn't share userids. ;-)
>> I suppose that this isn't too harmful so long as it's clear that it
>> conveys a false sense of security and that simply having separate
>> userids is a better solution.
> I'm ok with this as well.

I would want it to be very VERY clear that there is absolutely ZERO
security here.  An attacker would only need to edit the XML and remove
the KVP to bypass this, which is extremely simple for anyone with a text

>> Note that the MySql and Postgresql backends do provide for
>> authentication, but we defeat it by storing the userid and password.
>> In those cases we should  pop up the authentication dialog rather
>> than storing the credentials rather than using a KVP parameter on the
>> book.
> Agreed. For MySql and Postgresql this issue can be fixed by only
> optionally storing the
> password. Adding a "Save password" checkbox in the proper open and
> save dialogs could
> be sufficient.

Agreed.  I think for DBs we can and should leverage the DB security.  I
also agree with the "Save Password" checkbox, and possibly a way to
forget it, too.

I still honestly think that for SQLite and XML we shouldn't do anything.

>> Regards,
>> John Ralls
> Geert


       Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
       Member, MIT Student Information Processing Board  (SIPB)
       URL: http://web.mit.edu/warlord/    PP-ASEL-IA     N1NWH
       warlord at MIT.EDU                        PGP key available

More information about the gnucash-devel mailing list