backend encryption / security
herbert.thoma at iis.fraunhofer.de
Wed May 7 03:57:19 EDT 2014
We have a FAQ on this issue:
Am 07.05.2014 00:40, schrieb Michalis Kamprianis:
> I can see in uservoice, and I think frequently asked in lists, the request for encryption or password protection of the datafile.
> Regarding database backends, I believe that database encryption should be used if required, (although I understand that dbi may not be up to the task).
> Nevertheless, for xml backend, I think that I could try to implement an AES based encryption (on saving) and decryption (on opening), based on code from aescrypt.
> Aescrypt is available for unix, windows, mac, so the implementation should probably be portable across platforms. The code is some gpl and some freeware.
> Of course such a solution only protects data at rest (i.e. when data is read in memory it is not protected. Log files are not protected. User configuration files are not protected - at least initially, and so on) so it's not transforming gnucash to the most secure accounting software out there, but solves the problem with datafile misplacement or unwanted access.
> The thing is, (a) I don't know if you're interested and / or agree in implementing something like that, and (b) although I will probably manage to code the open and save routines, I'm not sure I will not get stuck somewhere, in which case it will either remain as an unfinished project, or I will need some help from somebody more experienced.
> Your thoughts?
> gnucash-devel mailing list
> gnucash-devel at gnucash.org
Head of Video Group
Multimedia Applications Department
Am Wolfsmantel 33, 91058 Erlangen, Germany
email: herbert.thoma at iis.fraunhofer.de
More information about the gnucash-devel