GHC Trac Home
GHC Git Repos
Report a bug
Mailing Lists & IRC
The GHC Team
GHC Status Info
Tickets I Created
Patches for review
New Feature Req
side by side
lines around each change
Show the changes in full context
White space changes
Jan 14, 2011 10:16:58 AM (
== Module trust ==
'''SLPJ comment.''' This section seems over-complicated. For one thing it appears to define two terms: "trustable" and "trusted", and I can't tell if they are the same or not. Second, the definitions seem over complicated. MOreover it mixes specification and implementation. Here's an alternative attempt:
* A module is '''trusted''' iff it was compiled with `-XSafe` or `-XTrustworthy`.
* A '''trusted package''' is one that is declared trusted by command-line flags (using the rules you give below). But a module in an untrusted package can still be a trusted module (see above).
* A '''safe import declaration''' is one that
* Imports a '''trusted module''' module, or
* Imports a module from a '''trusted package'''
* In a module compiled with `-XSafe`, you may use only '''safe import declarations'''
* In module compiled with `-XTrustworthy`, any import declaration marked "`safe`" must be a '''safe import declaration'''.
'''End of SLPJ comment'''
Recall that a safe import of a module M fails unless M is trusted. M is trusted when two conditions hold: