On Tue, 2014-01-07 at 21:36 +0000, Brent Wiese wrote: > Is there a way to use an encrypted value for $DatabasePassword in > RT_Siteconfig?
What, exactly, do you mean by "encrypted"? RT clearly needs to have access to the plaintext password to pass to the MySQL authentication process, so there is nothing that can prevent some part of the RT internals from knowing the plaintext. The fact that the password is in plaintext is one of the reasons why RT_Config.pm is 0440 and generally owner root and group apache; this prevents arbitrary users from seeing it. If you're looking to prevent it from being gleaned from accidental reading by someone who can read the file, you can simply rot13 it: my $rot13 = sub { my $s = shift; $s =~ tr/A-Za-z/N-ZA-Mn-za-m/; $s }; Set( $DatabasePassword, $rot13->("cnffjbeq") ); - Alex