Security concerns about Dremio storing data source credentials

Hi everyone!
Hope you are all doing good.

I have some queries related to Dremio’s security, concerns more towards how Dremio stores the data source credentials.

From what I got to know while going through the below topic, Dremio stores all these credentials in RockDB in the file system.
Check - Where (and how) does Dremio store database credentials? - Dremio

My questions:

  • Are the credentials stored secure enough? RockDB stores these in the file system. Are credentials for RockDB set to default. Is there a way to define them explicitly?
  • Is there a way to provide a custom key to Dremio to encrypt data while storing?
  • Or if you can suggest some way to store the credentials more securely?