
On Mon, 26 Apr 2021, Tom Ellis wrote:
I'm curious whether there's anyone in this thread who takes a different point of view, in absolute terms.
The point of contention for me (and I would guess for others too) is whether the meagre resources at our disposal should be put towards SafeHaskell and other Haskell-based language checkers, or whether we should just use what the (comparatively) large and experienced Linux, *BSD, etc. developers are already providing and many users are already using for hardening efforts.
When SafeHaskell came out I found it a good way to mark modules as Safe in order to be warned by GHC if they are actually unsafe. Unfortunately I did not mark many modules this way. If GHC features are too complex to give such safeness warranties, then I think this is a problem on its own. How would we evaluate code of other authors? Today, I would add Safe to all modules of a critical package and watch where that fails and why. This use case cannot be managed by any sandboxing, container or virtualization technique.
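The sweep described in the last post, as an added example that is not part of the thread: when marking a module Safe fails because of an unsafe import, the offending use can be isolated behind a Trustworthy module such as this one, so the rest of the package stays Safe and review effort concentrates on one file (the module and function names are constructed for illustration).

```haskell
{-# LANGUAGE Trustworthy #-}
-- Constructed example (not from the thread): a module that the
-- "mark everything Safe" sweep flagged, because it needs unsafePerformIO
-- for a process-wide counter. Instead of leaving the whole package
-- unchecked, the unsafe use is confined to this module, which is
-- declared Trustworthy; a Safe module elsewhere may import GlobalCounter
-- and call `next` without being able to reach unsafePerformIO itself.
module GlobalCounter (next) where

import Data.IORef (IORef, newIORef, atomicModifyIORef')
import System.IO.Unsafe (unsafePerformIO)  -- this import is what {-# LANGUAGE Safe #-} rejects

-- Process-wide counter. NOINLINE is required: if GHC inlined this
-- binding, every use site would allocate its own IORef and the counter
-- would silently stop being global.
counter :: IORef Int
counter = unsafePerformIO (newIORef 0)
{-# NOINLINE counter #-}

-- The only export is an IO action, so callers can neither observe the
-- unsafePerformIO above nor obtain the IORef to misuse it.
next :: IO Int
next = atomicModifyIORef' counter (\n -> (n + 1, n))
```

A Safe module importing GlobalCounter compiles unconditionally unless `-fpackage-trust` is enabled, in which case the package must also be trusted with `-trust <pkg>`; `-Wunsafe` (`-fwarn-unsafe` in older GHC) additionally warns about modules that would only be inferred unsafe, which is the warning the post relies on.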