You can restrict access privilege to the config files by setting permissions based on the Type of user.

• The config directory which contains site-level configuration files, like config.txt, dispatch.xml etc. are accessible only to those nominated users to the site who have "All" permissions to the site.
  
  
• This enhances the security of your site considerably because it enables you to hide from specific individuals sensitive information about the site, like the name of the site's database host, the Oracle database user name and password, the path for site root and the UDM files directory, etc.