passwords in configuration files (right way to protect them ?)
I've been setting up my /etc/profile file with the correct parameters that our proxyserver needs.
This includes identification via username and password on the proxyserver.
If I look at the default file permissions... everyone has read permission on the /etc/profile file.
This means the password I've entered is visible to everyone if I don't do anything to "fix" this...
Are there certain options to protect these types of configuration files other than just changing the permissions ?
Also, can changing permissions to keep configuration files from being read by "unauthorized" users conflict with the normal way things should work or IS changing the permissions in general the right way to keep those passwords or other sensitive information inaccessible to most users ?
Last edited by svu; 09-30-2011 at 07:13 AM.