Securing Data

Robert Heller heller at deepsoft.com
Sun Dec 2 18:16:34 EST 2007 

At Sun, 02 Dec 2007 13:02:02 -0800 JUNIPER <snijuniper at comcast.net> wrote:

> 
>    A very secure way would be to simply save data only to a removable disk
>    and backup and remove them when not in use (safe deposit box? - Oops -
>    my wife has a key!).
>    Steve J
> 
> Date: Sat, 1 Dec 2007 14:42:33 -0800
> From: "Charles Day" [1]<cedayiv at gmail.com>
> Subject: Re: Quicken to GnuCash (Windows)
> To: "Robert Heller" [2]<heller at deepsoft.com>
> Cc: [3]gnucash-user at gnucash.org
> Message-ID:
>         [4]<1d6843d80712011442o3fd9eedp3f8f18cd9754cb96 at mail.gmail.com>
> Content-Type: text/plain; charset=ISO-8859-1
> 
> On Nov 25, 2007 2:40 PM, Robert Heller [5]<heller at deepsoft.com> wrote:
> 
> 
> I'll start by using TrueCrypt to create a secure partition, since I am
> already family with it, but I can't say that this method really
> satisfies. Once mounted, the financial data becomes cleartext to any
> program (e.g. viruses). Is there a solution that makes the unencrypted
> data only available to gnucash?
> 
> Yes, but you really are not going to like it: Linux, using either proper
> UNIX User/Group file protection OR (even more secure) using SELinix and
> ACLs (this probably only really makes sense if you are the accountant
> for a spy agency or something and need to keep the accounting for 'black
> opps' secure :-)).
> 
> Linux has no viruses (in the sense that MS-Windows does), so even
> though the data is 'clear text', you only need to worry about other
> users on the system from snooping -- if they have different UIDs and/or
> GIDs and you set the protections of your gnucash files to be other=<no
> access> and group=<no access> [chmod go-rwx ...], the normal file
> system protections will keep everyone out (except the super user, who
> is presumed to be trustworthy).  It does have quite functional file
> protection and ownership -- MS-Windows NT only has a half-baked file
> protection and ownership system using NTFS (WinNT, Win2k, and later)
> and none at all with FAT (Win9x).
> 
> The only other solution would be to use a dedicated machine (which does
> nothing but run gnucash) behind a very secure firewall and being totally
> anal about virus scanning.
> 
> You could also install VMWare and install one of the popular end-user
> Linux distros (such as unbuntu) on a virtual machine (again using
> proper UNIX User/Group file protection on an Ext3 file system).  I
> doubt that any of the MS-Windows viruses can deal with a Ext3 file
> system on their own.
> 
> 
> 
> UNIX/Linux user/group file protection doesn't help me much. I want to keep
> professional thieves away from my financial data, not my proverbial little
> sister. A quick look at the Firefox bug list alone shows a history of
> vulnerabilities that compromise user/group file protection. To steal gnucash
> data now, it seems that one would only need to compromise the browser, for
> example, then patiently wait for the gnucash data file to be exposed (if any
> waiting is even required).

Use a different user/group for GnuCash (eg use a *dedicated*
user/group).  I am not sure what you mean by 'Firefox bug list ...
compromise user/group file protection' -- are these *Linux* bugs or are
they bugs related to the MS-Windows port of Firefox (FireFox is a
multi-platform application and these bugs might be related to
MS-Windows problems and not Linux related)?  Even if you  are using
Linux you should be real careful with Java -- run with it disabled and
only enable it if there is some site you *trust* -- run with JavaScript
also disabled if you are paranoid -- don't install Flash at all. Oh,
and be sure to have you linux machine running with a firewall (eg
iptables) running. If Firefox is run as a normal, non-priv. user, it
should not be possible for Firefox to get around user/group file
protection *under Linux* (or any UNIX or UNIX-like system, such as
MacOSX).  You should *NEVER* run Firefox (or any web browser!) as root
or under ANY elevated priviliged mode.  And why would Firefox have
anything to do with gnucash's data files?

> 
> Quicken asks for a password on startup, then decrypts the data file
> privately for itself as it accesses it. This is a significant additional
> barrier. Naturally, the Quicken data can also be stored on an encrypted
> partition using third-party software, if one felt that it was necessary. Of
> course, the security or insecurity of Microsoft, Apple, and other
> applications lies outside Quicken's control.

Quicken runs on MS-Windows, which is notorious for not having *ANY*
file protection AND is a haven for computer viruses.  WinNT systems
(Win NT 3.5, Win NT 4.0, Win 2K (NT 5.0), Win XP (NT 5.1), and Vista
(NT 6.0), using a NTFS file system has some notion of users and groups.
 DOS-based Windows systems (Win 3.11, Win 9x, Win ME) use the FAT file
system, which has no notion of users and groups.  MacOS *Classic*
(System 9 and earlier) also has no concept of users and groups.

> 
> I see from other posts that adding this additional security barrier to
> gnucash is a low priority for developers, and rightly so, since there are
> many other areas that can more directly improve the user experience and
> productivity. If additional security gets integrated with gnucash at some
> point, great!  This would also make it feasible to add a feature allowing
> users to download online transactions for all accounts at once, by caching
> the individual account passwords (which would be a significant
> improvement.)  But for now, has anyone created their own workaround?
> 
> Cheers,
> Charles
> 
> References
> 
>    1. mailto:cedayiv at gmail.com
>    2. mailto:heller at deepsoft.com
>    3. mailto:gnucash-user at gnucash.org
>    4. mailto:1d6843d80712011442o3fd9eedp3f8f18cd9754cb96 at mail.gmail.com
>    5. mailto:heller at deepsoft.com
> _______________________________________________
> gnucash-user mailing list
> gnucash-user at gnucash.org
> https://lists.gnucash.org/mailman/listinfo/gnucash-user
> -----
> Please remember to CC this list on all your replies.
> You can do this by using Reply-To-List or Reply-All.
> 
>      

-- 
Robert Heller             -- Get the Deepwoods Software FireFox Toolbar!
Deepwoods Software        -- Linux Installation and Administration
http://www.deepsoft.com/  -- Web Hosting, with CGI and Database
heller at deepsoft.com       -- Contract Programming: C/C++, Tcl/Tk

More information about the gnucash-user mailing list