Nice input Lempster, storing configuration settings in a table makes it possible to set very granular permissions. But configuration files in XML format can also be secured using Access Control List (ACL) on the operating system.

Although this does not provide the granular permission setting as available in a table, however, it secures the xml configuration file and protects it from unauthorized access.

Cheers!