alternatively just name your config file with the .php extension, then the contents is hidden from the user.
But if the config is outside the root and locked then it should be ok i reckon

__________________
mysql> SELECT * FROM `users` WHERE `users`.`clue` > 0;
Empty set (0.00 sec)