On Tue, Dec 06, 2016 at 12:36:41PM -0800, Andres Freund wrote:
> On 2016-12-06 15:25:44 -0500, Tom Lane wrote:
> > I'm not entirely thrilled with the idea of this being a configure-time
> > decision, because that forces packagers to decide for their entire
> > audience whether it's okay to depend on LLVM. That would be an untenable
> > position to put e.g. Red Hat's packagers in: either they screw the people
> > who want performance or they screw the people who want security.

There's no security issue. The dependency is on LLVM libraries, not LLVM
front-ends (e.g., clang(1)).

I don't think there's a real issue as to distros/packagers/OS vendors.
They already have to package LLVM, and they already package LLVM
libraries separately from LLVM front-ends.

> The argument for not installing a C compiler seems to be that it makes it
> less convenient to build an executable. I doubt that having a C(++)
> library for code generation is convenient enough to change the picture
> there.

The security argument goes back to the days of the Morris worm, which
depended on having developer tools (specifically in that case, ld(1),
the link-editor). But JIT via LLVM won't give hackers a way to generate
or link arbitrary object code.

Nico
-- 
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)