IO security

Hal Daume III hdaume@ISI.EDU
Fri, 4 Oct 2002 08:01:51 -0700 (PDT)


>    o There are functions like "unsafePerformIO". How many of these
>      unsafe functions exist and what are their names? Is there

It depends on what you count as unsafe.  There's also unsafeIOToST, which
is just as unsafe (you can write unsafePerformIO using this -- see a
message to the haskell list from Koen Claessen from a while back).

There are also functions like unsafeRead on arrays, which is unsafe in the
sense that it doesn't do bounds checking.

>    o Is the function "print" secure in the sense that all stuff
>      it produces is restricted to go to stdout, even if strange
>      sequences of control characters appear?

Not if the posix library is used.  If that is used, you can use dupto to
redirect output from stdout to any file.

>    o Is there a way to tell the GHC run-time system to block
>      file operations or system calls coming from the
>      application program, while permitting input/output
>      via stdin/stdout?

I can't say for sure, but I would guess not.  Based on recent discussion
about exactly how to handle stdin/stdout, it seems to be beyond the scope
of a language to prescribe these things...
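
A lexical audit for the names listed in this message, as an added example that is not part of the original message: the Python below reports where a Haskell source file uses identifiers starting with "unsafe" (which covers unsafePerformIO, unsafeIOToST and unsafeRead) or dupTo, ignoring comments and string/char literals. The prefix rule, the case-insensitive match on "dupto", the function names and the sample module are assumptions of this example; it is a source check, not a run-time restriction.

```python
import re

# Lexer for the parts of Haskell syntax that can hide or fake an identifier.
TOKEN = re.compile(r"""
    (?P<block_open>\{-)
  | (?P<line_comment>(?<![!\#$%&*+./<=>?@\\^|~:-])--+(?![!\#$%&*+./<=>?@\\^|~:-])[^\n]*)
  | (?P<string>"(?:\\.|[^"\\\n])*")
  | (?P<char>'(?:\\.[^'\n]*|[^\\'\n])')
  | (?P<ident>[A-Za-z_][A-Za-z0-9_']*)
  | (?P<nl>\n)
""", re.X)
# Inside {- ... -} only nesting and newlines matter ("--" is not special there).
IN_COMMENT = re.compile(r"(?P<block_open>\{-)|(?P<block_close>-\})|(?P<nl>\n)")

def is_flagged(name):
    # Assumption of this example: the "unsafe" prefix convention, plus dupTo.
    return name.startswith("unsafe") or name.lower() == "dupto"

def audit(src):
    """Return [(line, identifier)] for flagged names that occur in code."""
    hits, line, depth, pos = [], 1, 0, 0
    while True:
        m = (IN_COMMENT if depth else TOKEN).search(src, pos)
        if m is None:
            return hits
        pos, kind = m.end(), m.lastgroup
        if kind == "nl":
            line += 1
        elif kind == "block_open":
            depth += 1
        elif kind == "block_close":
            depth -= 1
        elif kind == "ident" and is_flagged(m.group()):
            hits.append((line, m.group()))

# Constructed sample module (not from the thread); it need not type-check.
SAMPLE = r'''module Submission where
import System.IO.Unsafe (unsafePerformIO)
{- unsafeRead in a {- nested -} block comment -- still inside -}
banner = "see unsafeIOToST"   -- unsafeIOToST in a string and a comment
quote = '"'
peek arr = Nothing --> unsafeRead arr 0
main = dupTo fd stdOutput >> print (unsafePerformIO getLine)
'''

if __name__ == "__main__":
    for line_no, name in audit(SAMPLE):
        print(f"line {line_no}: {name}")
```

The "-->" on line 6 of the sample is an operator rather than a comment, so the unsafeRead after it is still reported.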