has GnuCash code been reviewed for security?

Buddha Buck blaisepascal at gmail.com
Thu Nov 9 09:24:44 EST 2017


GnuCash also doesn't do any network access, either as a client or server.
For things like financial quote lookup, it calls 3rd-party tools. That's
another way that GnuCash minimizes its security footprint.

On Thu, Nov 9, 2017 at 8:44 AM Aaron Laws <dartme18 at gmail.com> wrote:

> On Wed, Nov 8, 2017 at 8:35 PM, Marcus Winston <
> marcus at thechocolatehouse.net
> > wrote:
>
> > I've searched the web and mailing list archives for this one, but didn't
> > find it. I'm just curious if GnuCash has ever gone through a code review
> > specifically for security? Perhaps something like what was done for
> > TrueCrypt...?
>
>
> There aren't many angles for Gnucash security. Data can be stored in xml or
> SQL. The SQL storage security is up to the provider: mysql, sqlite,
> postgres. XML is in plain text, so you'll need to secure it physically or
> using your operating system.
>
> As Derek asks: what else would you like to know?
> _______________________________________________
> gnucash-user mailing list
> gnucash-user at gnucash.org
> https://lists.gnucash.org/mailman/listinfo/gnucash-user
> -----
> Please remember to CC this list on all your replies.
> You can do this by using Reply-To-List or Reply-All.
>


More information about the gnucash-user mailing list