-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Donald Bruce Stewart wrote:
Lambdabot uses 1) type guarantee of no-IO at the top level, along with 2) a trusted module base (pure module only, that are trusted to not export evil things), as well as 3) restricting only to H98-language only (things like TH can, and have been, exploited, for example).
And lambdabot's only allowing _expressions_, so GHC's (former?) vulnerability to instances of Ix that return out-of-bounds indexes did not affect it. There are some extensions that are safe... explicit forall, rank-N types, etc... which can be enabled on an "opt-in" basis so that only safe ones are chosen? Isaac -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFGWE1oHgcxvIWYTTURAls9AKDSwV4zW/GcpZQVGi+9n+EBfWr15ACePP3h r7G5fr7Ac8RezZZ7fXNRjHE= =UWFu -----END PGP SIGNATURE-----