"Simon Marlow"
To subvert GHCi's paranoia, just put this in your $HOME/.ghci:
:def source IO.readFile :source ./.ghci
(for extra marks, you could make it check that `pwd` /= $HOME, that you hadn't already loaded ./.ghci).
Aha! That's the ideal solution I was hoping for: if I locally disable the normal loading of .ghci files in the current directory, each user can effectively define their own security policy in their ~/.ghci file using this trick. Thanks! Given this, could I suggest a compile-time option to globally disable reading .ghci files in the current directory (whilst still reading ~/.ghci), for sites where files might not be trusted even where they're writable only by the current user? (E.g. if I mount a random CD on this box, it'll come up under my UID with 600 permissions, but I wouldn't necessarily want to trust a .ghci file on there.) Or is this too specialised a case to merit a configure script option? Cheers, Chris.