Because the radiusd.conf, proxy.conf, and clients.conf configuration files contain passwords in plain text, they must not be readable by anyone other than the FreeRADIUS administrator (root).
You need to protect the following configuration files in /usr/local/etc/raddb/:
clients
clients.conf
naspasswd
proxy.conf
radiusd.conf
realms
snmp.conf
users
You need to give read/write rights to the above files to root users only.
Log in as root.
Execute the following command for each of the files listed above:
chmod go-rwx filename