Changes between Version 27 and Version 28 of SafeHaskell


Ignore:
Timestamp:
Jan 19, 2011 8:05:44 AM (3 years ago)
Author:
simonpj
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • SafeHaskell

    v27 v28  
    8080 
    8181 * A '''module M from package P is trusted by a client C''' iff  
    82    * Either both of these hold: 
     82   * Both of these hold: 
    8383     * The module was compiled with `-XSafe` and without `-XUntrustworthy` 
    8484     * All of M's direct `imports` are trusted by C 
    85    * Or all of these hold: 
     85   * OR all of these hold: 
    8686     * The module was compiled with `-XTrustworthy` 
    8787     * All of M's direct `safe imports` are trusted by C 
     
    114114}}} 
    115115Suppose client C decides to trust package P.  Then does C trust module M?  To decide, C must check M's imports: 
    116  * M imports `System.IO.Unsafe`?  C trusts P's author, and M was compiled with `-XTrustworthy` so P's author takes responsibility for that import.  So C trusts M. 
     116 * M imports `System.IO.Unsafe`.   M was compiled with `-XTrustworthy`, so P's author takes responsibility for that import.  C trusts P's author, so C trusts M. 
    117117 * M has a `safe` import of `Buggle`, so P's author takes no responsibility for the safety or otherwise of `Buggle`.  So C must check whether `Buggle` is trusted by C.  Is it?  Well, it is compiled with `-XSafe`, so the code in `Buggle` itself is machine-checked to be OK, but again under the assumption that `Buggle`'s imports are trusted by C.  Ah, but `Prelude` comes from `base`, which C trusts, and is (let's say) compiled with `-XTrustworthy`. 
    118118