Tom Ellis
On Fri, Apr 23, 2021 at 05:50:37PM +0200, Joachim Durchholz wrote:
I just disagree with the idea that making syscall-level sandboxes has a better ROI than making language checkers.
I'm curious whether there's anyone in this thread who takes a different point of view, in absolute terms.
The point of contention for me (and I would guess for others too) is whether meagre resources at our disposal should be put towards SafeHaskell and other Haskell-based language checkers, or we should just use what the (comparatively) large and experienced Linux, *BSD, etc.. developers are already providing and many users are already using for hardening efforts.
Surely the whole point of Haskell is that it does things differently from other languages. Right from the beginning static checks were valued over runtime ones, and I’m sad to see that this aspect of the language seems to be undervalued these days. -- Jón Fairbairn Jon.Fairbairn@cl.cam.ac.uk