13 Feb
2014
13 Feb
'14
9:01 a.m.
hi,
The process is run with user 'nobody', so hopefully that will be a bit safer, i.e.
a bit, yes. apart from breaking out of the account (and becoming root) via os vulnerabilities the user can send any network traffic they like, which might or might not be ok. also there might be any number of important processes running for user nobody. you better use a dedicated user for running ghci. that might also allow you to sandbox the account easier (firewall and dac's/mac's, etc. i don't know what's available on mac os x). you might also like to look into SafeHaskell to restrict what users can do. good luck, tobias florek