Sam Vilain wrote:
However, making it in a file in $HOME/.xxx means that the sysadmin can set it up to be mode 400 or something like that, to ensure other users can't access it if someone forgot to set the permissions right on the application code (or, hopefully, configuration file).
I don't think this solves the problem, because what I usually want is the user to be able to use the application, but unable to see the DB password. So the user should have "read" permission set for the file, but on the other hand he shouldn't. It's not not a problem for Web App, though.
-- Maxim Sloyko
