how to keep/lock/ hide pg_hba.conf ?

Dear all:
I am ready to release a client/server software (in windows xp),sure it's
postgresql based application
but I have to hide the password for sensitive data.
I found that,if user modified the pg_hba.conf, modified the "METHOD"field
from md5 to "password"
then,user can find out the password by some the TCP/IP peep tool --such as
LayerViewer
(we don't plan to install SSL in server/client)
I think as a newbie as I know this bug,this solution should be released
already
Thanks for any advice/suggestion
       Regards
               john from Taiwan


--
View this message in context:
http://postgresql.1045698.n5.nabble.com/how-to-keep-lock-hide-pg-hba-conf-tp4296068p4296068.html
Sent from the PostgreSQL - hackers mailing list archive at Nabble.com.