« Return to Thread: Configuring KMyMoney for better security
Re: Configuring KMyMoney for better security
by Thomas Baumgart
::
Rate this Message:
On Saturday 04 July 2009 08:01:22 Paul Kosinski wrote:
> Hi,
>
> Starting to use KMyMoney (which I compiled from source -- and it's
> nice that it works when it's installed in other than default KDE
> directory), I tried to configure it for somewhat better security and
> noticed the following two problems.
Thanks for mentioning them. Never thought of 1 myself (Ok - I know that the
program does not use the URLs unless activated by the user).
> 1. I don't like the idea of any program dealing with sensitive info
> unexpectedly accessing unfamiliar Internet sites, but I couldn't get
> rid of the default stock-quote URLs. When I deleted them from the rc
> file, they all came back. I suppose I could spend N hours removing
> Internet access classes and/or methods from the source code, but that
> would be a never ending struggle trying to keep up when future
> versions come out.
True. Guess we will discuss if it makes sense to have the ability to turn the
auto creation off.
> 2. In a similar vein, I don't consider the 'Documents' directory
> sufficiently private for financial data (since it has 755 perms by
> default/tradition, because it is intended to be readable by others),
> but I couldn't figure out how to make KMyMoney's File dialogs start
> in a different directory -- there doesn't seem to be any parameter in
> the rc file, and KDE's "Work Path" doesn't affect it. And again,
> modifying the C++ would be a never ending burden. I also am reluctant
> to encrypt the file, due to risk of key loss (and a recovery key held
> by other than a personal friend, attorney etc. doesn't appeal either).
You can easily move the file to any other location. KMyMoney opens the last
used file and remembers its location. So no problem there. It also keeps the
current access right which you might also modify.
WRT the GPG recovery key: You don't have to use it. KMyMoney does allow to
encrypt with more than one key which out of your GPG keyring. It depends on
your choice which keys you use. So I don't see a problem.
> Other than these I am so far quite impressed with KMyMoney. It's very
> encouraging that there are so many high-quality GUI applications that
> are Open Source.
>
> Keep up the good work!
Will do. Thanks for the comments.
--
Regards
Thomas Baumgart
GPG-FP: E55E D592 F45F 116B 8429 4F99 9C59 DB40 B75D D3BA
-------------------------------------------------------------
Two of the most famous products of Berkeley are LSD and UNIX.
I don't think that this is a coincidence. (anonymous)
-------------------------------------------------------------
------------------------------------------------------------------------------
_______________________________________________
KMyMoney2-developer mailing list
KMyMoney2-developer@...
https://lists.sourceforge.net/lists/listinfo/kmymoney2-developer
> Hi,
>
> Starting to use KMyMoney (which I compiled from source -- and it's
> nice that it works when it's installed in other than default KDE
> directory), I tried to configure it for somewhat better security and
> noticed the following two problems.
Thanks for mentioning them. Never thought of 1 myself (Ok - I know that the
program does not use the URLs unless activated by the user).
> 1. I don't like the idea of any program dealing with sensitive info
> unexpectedly accessing unfamiliar Internet sites, but I couldn't get
> rid of the default stock-quote URLs. When I deleted them from the rc
> file, they all came back. I suppose I could spend N hours removing
> Internet access classes and/or methods from the source code, but that
> would be a never ending struggle trying to keep up when future
> versions come out.
True. Guess we will discuss if it makes sense to have the ability to turn the
auto creation off.
> 2. In a similar vein, I don't consider the 'Documents' directory
> sufficiently private for financial data (since it has 755 perms by
> default/tradition, because it is intended to be readable by others),
> but I couldn't figure out how to make KMyMoney's File dialogs start
> in a different directory -- there doesn't seem to be any parameter in
> the rc file, and KDE's "Work Path" doesn't affect it. And again,
> modifying the C++ would be a never ending burden. I also am reluctant
> to encrypt the file, due to risk of key loss (and a recovery key held
> by other than a personal friend, attorney etc. doesn't appeal either).
You can easily move the file to any other location. KMyMoney opens the last
used file and remembers its location. So no problem there. It also keeps the
current access right which you might also modify.
WRT the GPG recovery key: You don't have to use it. KMyMoney does allow to
encrypt with more than one key which out of your GPG keyring. It depends on
your choice which keys you use. So I don't see a problem.
> Other than these I am so far quite impressed with KMyMoney. It's very
> encouraging that there are so many high-quality GUI applications that
> are Open Source.
>
> Keep up the good work!
Will do. Thanks for the comments.
--
Regards
Thomas Baumgart
GPG-FP: E55E D592 F45F 116B 8429 4F99 9C59 DB40 B75D D3BA
-------------------------------------------------------------
Two of the most famous products of Berkeley are LSD and UNIX.
I don't think that this is a coincidence. (anonymous)
-------------------------------------------------------------
------------------------------------------------------------------------------
_______________________________________________
KMyMoney2-developer mailing list
KMyMoney2-developer@...
https://lists.sourceforge.net/lists/listinfo/kmymoney2-developer
signature.asc (232 bytes) « Return to Thread: Configuring KMyMoney for better security
| Free embeddable forum powered by Nabble | Forum Help |
