Looks like we are still in this day and age of security issues around everywhere. nagios still has not provided a way to securely store passwords and even transmit them securely over the network. probably tapping into the network you could get all the major passwords of the systems. or even better. if you get to the resource.cfg you could get into it pretty easily.
I feel that nagios should seriously think about securing system passwords used for monitoring servers much more safely. I am feeling very unsafe putting in these passwords in resource.cfg files.
Again I know that the task of protecting over the wire is much more difficult based on the protocols we are using. Please feel free to let me know if I am missing the point here and nagios has some other way to manage passwords to check-commands any other ways.
I would use some kind of seperate web screen to enter passwords and have an ID associated with it and and have them loaded in memory on startup to be later looked up by processes by ID. ( This is just a wild thought).
Thanks
Sujith