Berger, Daniel wrote:

> The .dbrc file must be 600 (or better).  That means that only *you* and
> *root* should be able to read that file (in Unix land, anyway).  If someone
> can read that file, it means they already have your *nix password, and
> you're in big trouble anyway.  If a cracker has gained root access, you're
> totally effed and a database login is probably the least of your worries.
> 
> An encrypted password would provide another layer of obfuscation, but no
> more actual security.  If someone else can read your file, they already have
> access to your keys, too, so it would only be a matter of time.  It would
> only be good for the times you've accidentally left the permissions on the
> file too open (which you will be warned about the next time you try to use
> the DBRC module).

Just to be malicious... what about someone using a Linux boot floppy to
read your file without having root access? The obfuscation layer would 
be real nice then...
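
The permission requirement from the quoted message (mode 600 or stricter, readable only by the owner), as an added example that is not part of the original thread and is not the DBRC module's own code. The helper name `dbrc_permission_problems` and the sample file contents are assumptions made for illustration.

```ruby
require 'tempfile'

# Hypothetical helper (not the DBRC module's API): returns a list of problems
# found with a credentials file; an empty list means the file passes.
# This only covers access through the running OS. It says nothing about the
# case raised in the reply, where the disk is read from another boot medium.
def dbrc_permission_problems(path)
  st = File.lstat(path) # lstat so a symlink is inspected, not followed
  problems = []
  problems << 'not a regular file' unless st.file?
  problems << 'not owned by the current user' unless st.uid == Process.euid
  perms = st.mode & 0o7777
  # "600 or better": no read/write/execute bits for group or other
  if perms & 0o077 != 0
    problems << format('group/other access bits set (mode %04o)', perms)
  end
  problems << 'setuid/setgid/sticky bit set' if perms & 0o7000 != 0
  problems
rescue Errno::ENOENT
  ['file does not exist']
end

if __FILE__ == $PROGRAM_NAME
  # Constructed sample file with a placeholder entry, checked at two modes.
  Tempfile.create('dbrc') do |f|
    f.write("placeholder-entry\n")
    f.flush
    [0o600, 0o644].each do |mode|
      File.chmod(mode, f.path)
      puts format('%04o -> %p', mode, dbrc_permission_problems(f.path))
    end
  end
end
```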