Encrypting DB passwords in the config
jaw+arguslist at tcp4me.com
Sat Jan 6 19:38:26 EST 2007
| Correct me if I'm wrong, but it appears to me there is no way to encrypt
| database passwords or any other configuration data that is stored in the
| config? This is particularly bad in that the password is also displayed on
| the config in the UI. Has anyone else dealt with this issue?
you can prevent people from displaying the config using
the acl features.
in simple mode the displaying the config uses 'acl_root'
in advanced mode 'acl_getconf', and 'acl_about' for
the debugging page.
More information about the Arguslist