On Fri, Dec 2, 2016 at 5:46 AM, Robert Haas <robertmhaas@gmail.com> wrote:
> On Thu, Dec 1, 2016 at 3:40 PM, Tom Lane <tgl@sss.pgh.pa.us> wrote:
>> Robert Haas <robertmhaas@gmail.com> writes:
>>> On Thu, Dec 1, 2016 at 2:56 PM, Tom Lane <tgl@sss.pgh.pa.us> wrote:
>>>> check-world isn't a magic bullet.
>>
>>> No, but deliberately leaving things out that could be run isn't
>>> helping anything either.
>>
>> Tests that open security holes while running aren't in my list of "things
>> that could be run automatically".
>
> If we create a new target that runs them automatically, you don't have
> to use it.
Having a new target would make sense, if flagged as security-unsafe.
The reason why the SSL test suite is not in check-world is that SSL
cannot be used with unix domain sockets, making it unfit in shared
environments.
--
Michael