Easier custom reporting (maybe Lua)?

Wm wm_o_o_o at yahoo.co.uk
Fri Oct 28 17:34:23 EDT 2016


On 25/10/2016 11:55, Geert Janssens wrote:

> I understand the idea is better integration of gnucash with 3rd party 
> reporting extensions. I don't think the solution is the right one here 
> or at least not in the simplistic form as proposed.
> 
> But let me start with this: what you ask for is already possible now 
> IMO. Gnucash has a feature to load custom scheme code at startup. This 
> is used for example to add extra self-written reports. This same 
> mechanism can probably be (ab-)used to let you call any external program 
> you like.
> 
> With that in mind I will continue to argue against promoting this to 
> a standard feature of gnucash. I'm fine with people tinkering and 
> extending gnucash locally. Those people however generally know more or 
> less what they are doing. Ordinary users may not be aware of this.
> 
> I see this extensibility as a gap that should be closed by default and 
> only open when someone explicitly wants to make use of it. So rather 
> than adding an additional "call whatever you want" mechanism I'd add an 
> option to *disable* loading custom scheme code by default and only allow 
> someone with admin rights to enable it by setting a system level 
> preference.
> 
> While this is not exactly what you asked for I'm afraid, it's something 
> that has been on the back of my mind for quite some time. And since the 
> topic got touched I want to clearly express my point of view on this 
> matter.
> 
> As to your argument "the unverified program gnucash would call could 
> anyway be called from the command line", this only considers the 
> technical aspect of security. Allowing gnucash to run arbitrary code 
> opens an extra vector of attack for social engineering. It could be used 
> to entice people that would never use the command line to execute 
> malicious code without them realizing it. The risk is small, but real 
> and can be avoided by not allowing gnucash to run arbitrary code.

Very well said but surely opening the reading (I want to report on my
data) will reduce the pressure on the writing (which you see as
undesirable and outwith myself and a few others I agree with).

-- 
Wm




More information about the gnucash-user mailing list