Changes between Version 27 and Version 28 of SafeHaskell
- Timestamp:
- 01/19/11 00:05:44 (2 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
SafeHaskell
v27 v28 80 80 81 81 * A '''module M from package P is trusted by a client C''' iff 82 * Either both of these hold:82 * Both of these hold: 83 83 * The module was compiled with `-XSafe` and without `-XUntrustworthy` 84 84 * All of M's direct `imports` are trusted by C 85 * O rall of these hold:85 * OR all of these hold: 86 86 * The module was compiled with `-XTrustworthy` 87 87 * All of M's direct `safe imports` are trusted by C … … 114 114 }}} 115 115 Suppose client C decides to trust package P. Then does C trust module M? To decide, C must check M's imports: 116 * M imports `System.IO.Unsafe` ? C trusts P's author, and M was compiled with `-XTrustworthy` so P's author takes responsibility for that import. So C trusts M.116 * M imports `System.IO.Unsafe`. M was compiled with `-XTrustworthy`, so P's author takes responsibility for that import. C trusts P's author, so C trusts M. 117 117 * M has a `safe` import of `Buggle`, so P's author takes no responsibility for the safety or otherwise of `Buggle`. So C must check whether `Buggle` is trusted by C. Is it? Well, it is compiled with `-XSafe`, so the code in `Buggle` itself is machine-checked to be OK, but again under the assumption that `Buggle`'s imports are trusted by C. Ah, but `Prelude` comes from `base`, which C trusts, and is (let's say) compiled with `-XTrustworthy`. 118 118
