Donald Bruce Stewart wrote:
Something like: Unsafe.IO Unsafe.ST ?
Possibly even migrating Foreign to Unsafe.Foreign.
This came up recently when discussing why peek and poke aren't 'unsafe' but Data.Array.Base.unsafeRead/Write are.
It would make it easier to control the system in program like lambdabot, which evaluate arbitrary user code, and thus need to restrict the namespace to a trusted base that can't contain any unsafe* functions. Checking that functions (particularly Array) don't export anything unsafe was a bit tedious.
Yes, I was thinking of this too. It would be nice to be able to deal securely with untrusted code in general, but of course that depends what format the code is in anyway. -- Ashley Yakeley, Seattle WA WWEWDD? http://www.cs.utexas.edu/users/EWD/