Hi, i discovered the possibility to get the DB-Params still if you are not admin and have possibilitiy to access php-scripts, e.g. with php_page_content. Then a simple script like <?php echo "User / Passwort: ".TYPO3_db_username." / ".TYPO3_db_password; ?> prints out all necassary data. Is this a big problem for security ? What do you think about that ?