Safe Haskell default
Daniel Fischer
daniel.is.fischer at googlemail.com
Wed Oct 26 20:04:36 CEST 2011
On Wednesday 26 October 2011, 19:50:09, Johan Tibell wrote:
> On Wed, Oct 26, 2011 at 9:04 AM, Thomas Schilling
>
> <nominolo at googlemail.com>wrote:
> > I while ago I saw a commit to Safe Haskell changing modules from
> > default Unsafe to default Safe.
> >
> > This seems wrong to me (and Duncan agreed on IRC) -- in security the
> > usual advice is to use white listing instead of black listing. The
> > reasoning is that if you forget to white list something safe, it
> > causes some inconvenience; but if you forget to blacklist something
> > unsafe it's a security flaw.
> >
> > Is there some more documentation on why this decision was made? Was
> > it just to avoid adding a pragma to every module?
>
> The other way around force those who don't use Safe Haskell to still
> deal with it. It should be an opt-in language feature, just like every
> other language feature.
I don't understand this. If I don't use Safe Haskell, the compiler should
ignore all the Safe/Trustworthy/Unsafe pragmas no matter what's the
default.
Only if I explicitly choose to use Safe Haskell by putting an -XSafeHaskell
on the command line should it care, and then I'd expect modules without
info to be deemed unsafe by default.
More information about the Cvs-ghc
mailing list