[CR #173689] rsmgen creates *.rsm files in the %SYBASE%\admin\config directory. *.servers.rsm is created with read/write permissions for all three groups (user, group, others), and *.users.rsm is created with read permission for all three groups. This exposes logins and password information to everyone.
Workaround: Restrict access to the configuration files and the directory containing them so that only the RSM Server administrator can read and write to them. Use the File | Properties | General tab in NT Explorer, and select “Hidden.”
