On Wed, Nov 17, 2010 at 16:39, Tom Lane <t...@sss.pgh.pa.us> wrote: > Magnus Hagander <mag...@hagander.net> writes: >> Currently, we overload "indent" meaning both "unix socket >> authentication" and "ident over tcp", depending on what type of >> connection it is. This is quite unfortunate - one of them being one of >> the most secure options we have, the other one being one of the most >> *insecure* ones (really? ident over tcp? does *anybody* use that >> intentionally today?) > >> Should we not consider naming those two different things? > > Maybe, but it seems like the time to raise the objection was six or > eight years ago :-(. Renaming now will do little except to introduce > even more confusion.
For existing users, yes. For new users, no. I certainly get comments on it pretty much every time I do training that includes explaining pg_hba options. The question is if it's worth confusing our existing users a little, at the advantage of not confusing new users. We could of course also just drop ident-over-tcp completely, but there might be some poor guy out there who actually *uses* it :-) And I agree it would've been much better to do it years ago. That doesn't mean we shouldn't at least *consider* doing it at some point. -- Magnus Hagander Me: http://www.hagander.net/ Work: http://www.redpill-linpro.com/ -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
