Safe Haskell trust - Glasgow-haskell-users - Haskell.org

newer
GHC-7.8 warning on rules that may...

Safe Haskell trust

older
SV: PROPOSAL: Literate haskell and...

Fabian Bergmark

16 Mar 2014 16 Mar '14

12:57 p.m.

Im using the Hint library in a project where users are able to upload and run code. As I don't want them to do any IO, I run the interpreter with -XSafe. However, some packages (in my case aeson) are needed and I therefore tried marking them as trusted with ghc-pkg trust aeson. This seems to have no effect however and the interpreter fails with: Data.Aeson: Can't be safely imported! The module itself isn't safe Is there any way to get XSafe-like guarantees with the ability of allowing certain packages?

Reply

Sign in to reply online Use email software

Show replies by date

Edward Kmett

16 Mar 16 Mar

1:34 p.m.

Not directly. You can, however, make a Trustworthy module that re-exports the (parts of) the Unsafe ones you want to allow yourself to use. -Edward On Sun, Mar 16, 2014 at 12:57 PM, Fabian Bergmark

wrote:

Im using the Hint library in a project where users are able to upload and run code. As I don't want them to do any IO, I run the interpreter with -XSafe. However, some packages (in my case aeson) are needed and I therefore tried marking them as trusted with ghc-pkg trust aeson. This seems to have no effect however and the interpreter fails with:

Data.Aeson: Can't be safely imported! The module itself isn't safe

Is there any way to get XSafe-like guarantees with the ability of allowing certain packages? _______________________________________________ Glasgow-haskell-users mailing list Glasgow-haskell-users@haskell.org http://www.haskell.org/mailman/listinfo/glasgow-haskell-users

Reply

Sign in to reply online Use email software

Fabian Bergmark

17 Mar 17 Mar

9:10 a.m.

I downloaded aeson and modified Data.Aeson to be trustworthy and I can now use it with Hint and XSafe. I however stumbled upon some strange behavior. I use loadModules to import some modules from the same package, and then use setImports with a list of user provided modules. Some explanation about their difference would be appreciated, as the documentation is rather short. The modules loaded with loadModules seems to be checked, ie. can't import unsafe modules, but those imported with setImports are not, ie. the user can import unsafe modules. Have I misunderstood the documentation or is this a flaw in Hint? 2014-03-16 18:34 GMT+01:00 Edward Kmett :

Not directly. You can, however, make a Trustworthy module that re-exports the (parts of) the Unsafe ones you want to allow yourself to use.

-Edward

On Sun, Mar 16, 2014 at 12:57 PM, Fabian Bergmark wrote:

...
Im using the Hint library in a project where users are able to upload and run code. As I don't want them to do any IO, I run the interpreter with -XSafe. However, some packages (in my case aeson) are needed and I therefore tried marking them as trusted with ghc-pkg trust aeson. This seems to have no effect however and the interpreter fails with:

Data.Aeson: Can't be safely imported! The module itself isn't safe

Is there any way to get XSafe-like guarantees with the ability of allowing certain packages? _______________________________________________ Glasgow-haskell-users mailing list Glasgow-haskell-users@haskell.org http://www.haskell.org/mailman/listinfo/glasgow-haskell-users

Reply

Sign in to reply online Use email software

Daniel Gorín

11:08 a.m.

Hi Fabian, In general, the behavior you get from hint should be more or less the same one you would observe in ghci, the mapping being roughly: loadModules ~~~> :load setImports ~~~~> :module In ghci, if you have a package installed (and is not hidden in your session), then I believe you can use :module to put any of its public modules in scope with (Safe or otherwise), am I right? If so, that should explain what you are observing… Daniel On 17 Mar 2014, at 14:10, Fabian Bergmark wrote:

I downloaded aeson and modified Data.Aeson to be trustworthy and I can now use it with Hint and XSafe. I however stumbled upon some strange behavior. I use loadModules to import some modules from the same package, and then use setImports with a list of user provided modules. Some explanation about their difference would be appreciated, as the documentation is rather short. The modules loaded with loadModules seems to be checked, ie. can't import unsafe modules, but those imported with setImports are not, ie. the user can import unsafe modules.

Have I misunderstood the documentation or is this a flaw in Hint?

2014-03-16 18:34 GMT+01:00 Edward Kmett :

...
Not directly. You can, however, make a Trustworthy module that re-exports the (parts of) the Unsafe ones you want to allow yourself to use.

-Edward

On Sun, Mar 16, 2014 at 12:57 PM, Fabian Bergmark wrote:

...
Im using the Hint library in a project where users are able to upload and run code. As I don't want them to do any IO, I run the interpreter with -XSafe. However, some packages (in my case aeson) are needed and I therefore tried marking them as trusted with ghc-pkg trust aeson. This seems to have no effect however and the interpreter fails with:

Data.Aeson: Can't be safely imported! The module itself isn't safe

Is there any way to get XSafe-like guarantees with the ability of allowing certain packages? _______________________________________________ Glasgow-haskell-users mailing list Glasgow-haskell-users@haskell.org http://www.haskell.org/mailman/listinfo/glasgow-haskell-users

_______________________________________________ Glasgow-haskell-users mailing list Glasgow-haskell-users@haskell.org http://www.haskell.org/mailman/listinfo/glasgow-haskell-users

Reply

Sign in to reply online Use email software

4083

Age (days ago)

4084

Last active (days ago)

Download

3 comments

3 participants

tags

participants (3)

Daniel Gorín
Edward Kmett
Fabian Bergmark