Authentication in GNUCash

John Ralls jralls at ceridwen.us
Sun May 16 17:35:16 EDT 2010 

On May 16, 2010, at 2:13 PM, David G. Hamblen wrote:

> On 05/16/2010 11:57 AM, Mike or Penny Novack wrote:
>> Elizabeth Dodd wrote:
>> 
>>> No.
>>> GnuCash was not developed in the Windows World, but in the Unix world, where user accounts have the requirement to log in on startup.
>>> It's a different philosophy.
>>> 
>>> 
>> Or more precisely, developed in the 'nix world which does not allow users to disable "log in requires user name and password".
>> 
>> For a long time now the Windows World has had available requiring logging in with user Id and password. Not the fault of the operating system that it allows (foolish) users to disable this fundamental level of security. MS is in the business of creating systems for money and that's a "convenience" their users seem to want as so many seem to do just that. Not require a password and letting their user sessions have administrator rights.
>> 
>> Michael
>> _______________________________________________
>> gnucash-user mailing list
>> gnucash-user at gnucash.org
>> https://lists.gnucash.org/mailman/listinfo/gnucash-user
>> -----
>> Please remember to CC this list on all your replies.
>> You can do this by using Reply-To-List or Reply-All.
> I just noticed that all of my gnucash data is stored with permissions 644 (only I can write to it, but any user of my computer can read it).   Shouldn't the default be 600 (owner read/write, but group and other can't read).  Since I'm the only user, it doesn't matter, but this seems like an odd default.  Perhaps this is an Ubuntu/Debian installation issue.

I don't think Gnucash messes with the permissions at all (which many experienced Unix users would consider to be rude). It's therefore following your umask, which usually defaults to 022. If you're actually sharing your computer, you probably want to set it to 024, which will block anyone not in your group (which nowadays defaults to just you) from reading any file you create. Alternatively, you could just change the mode of the directory where you save your accounting files to 700 (rwx------); then it won't matter what access is on the files, no one but you and root will be able to see them. (But think this through: Your backups may be being run by an unprivileged userid, so you'll have to accommodate that.)

Regards,
John Ralls

More information about the gnucash-user mailing list