Changes between Version 27 and Version 28 of SafeHaskell


Ignore:
Timestamp:
Jan 19, 2011 8:05:44 AM (5 years ago)
Author:
simonpj
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • SafeHaskell

    v27 v28  
    8080
    8181 * A '''module M from package P is trusted by a client C''' iff
    82    * Either both of these hold:
     82   * Both of these hold:
    8383     * The module was compiled with `-XSafe` and without `-XUntrustworthy`
    8484     * All of M's direct `imports` are trusted by C
    85    * Or all of these hold:
     85   * OR all of these hold:
    8686     * The module was compiled with `-XTrustworthy`
    8787     * All of M's direct `safe imports` are trusted by C
     
    114114}}}
    115115Suppose client C decides to trust package P.  Then does C trust module M?  To decide, C must check M's imports:
    116  * M imports `System.IO.Unsafe`?  C trusts P's author, and M was compiled with `-XTrustworthy` so P's author takes responsibility for that import.  So C trusts M.
     116 * M imports `System.IO.Unsafe`.   M was compiled with `-XTrustworthy`, so P's author takes responsibility for that import.  C trusts P's author, so C trusts M.
    117117 * M has a `safe` import of `Buggle`, so P's author takes no responsibility for the safety or otherwise of `Buggle`.  So C must check whether `Buggle` is trusted by C.  Is it?  Well, it is compiled with `-XSafe`, so the code in `Buggle` itself is machine-checked to be OK, but again under the assumption that `Buggle`'s imports are trusted by C.  Ah, but `Prelude` comes from `base`, which C trusts, and is (let's say) compiled with `-XTrustworthy`.
    118118