pam-mysql: password in world readable file?
I'm not yet a PAM guru (more like a wannabe n00b) but was looking into using pam-mysql in one situation. But something doesn't quite make sense to me: if I use pam-mysql in a PAM config file, then I must include the username and password for the authentication database in the module arguments, correct? But all these PAM files are world-readable, yes? Isn't this an insecure arrangement?
|