Currently, we overload "indent" meaning both "unix socket authentication" and "ident over tcp", depending on what type of connection it is. This is quite unfortunate - one of them being one of the most secure options we have, the other one being one of the most *insecure* ones (really? ident over tcp? does *anybody* use that intentionally today?)
Should we not consider naming those two different things? If not now, then at least put it on the TODO of things to do the next time we need to break backwards compatibility with the format of pg_hba.conf? Though if we're going to break backwards compatibility anywhere, pg_hba is probably one of the least bad places to do it... -- Magnus Hagander Me: http://www.hagander.net/ Work: http://www.redpill-linpro.com/ -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
