How safe is GnuCash?
Jean-David Beyer
jeandavid8 at verizon.net
Thu Jan 12 07:12:12 EST 2017
On 01/11/2017 02:10 PM, 70147persson at telia.com wrote:
> How safe is GnuCash? No, I am not talking about lack of bugs etc, but
> from an auditor's point of view. How to secure that no one is
> manipulating the figures in the book? The best way of book keeping is
> an, in advance paginated, paper book, in which you write your notes with
> non erasable ink. Then, if I make a mistake, I have to make a change by
> drawing a straight line (in ink) over the wrong figures and write the
> correct ones next to the original and sign it with my signature. That
> way the auditor can see all changes and can verify it to the written
> documents/verifications.
>
I am not an expert on GnuCash, thouogh I have used it for many years.
But let us imagine that the GnuCash program is perfect in every respect
according to whatever specification you try to make on it. You are still
not safe because any one (e.g., the system administrator) can modify a
GnuCash file using a program other than GnuCash.
In Linux, for example, there are programs that allow anyone with the
proper permissions to alter any kind of file. Sed is one of them; ospam
might be more convenient. And there is nothing Gnucash can do to prevent
you from using it. Now if the GnuCash data file is owned by a specific
user (and this is usually the case), and that user made it and its
containing directry unwritable (and perhaps unreadable as well by
members of his group or any others), it would be more difficult for a
random user to fiddle with the file. But the system administrator (root)
could do it with ease. And if that Linux system were running SELinux
(Security Enhanced Linux), it would be more difficult still. But still
not impossible.
I do not know enough about Windows or Apple software to comment on
security of those systems, but I doubt your problems would be solved by
using them.
--
.~. Jean-David Beyer Registered Linux User 85642.
/V\ PGP-Key:166D840A 0C610C8B Registered Machine 1935521.
/( )\ Shrewsbury, New Jersey http://linuxcounter.net
^^-^^ 06:55:01 up 1 day, 15:40, 2 users, load average: 4.29, 4.27, 4.19
More information about the gnucash-user
mailing list