
On Friday 10 November 2006 17:43, Samuel Bronson wrote:
On 11/10/06, Ashley Yakeley wrote:
kahl@cas.mcmaster.ca wrote:
I'd much prefer Data.Unsafe.
I'd like to see all unsafe functions in an Unsafe.* hierarchy (possibly consisting only of the single module Unsafe). Thus one could avoid unsafety altogether by avoiding the Unsafe and Foreign hierarchies.
Couldn't you just avoid using functions having "unsafe" as a name prefix? It's not like they have names like "innocuousPerformIO" or anything!
It would be nice to be able to disallow all unsafe code by managing module imports. Suppose I want to run untrusted code. If I can verify that it doesn't use FFI, that it uses no unsafe primitives, and that it typechecks, then I know it is _unconditionally_ typesafe. If I can disallow unsafe primitives by just limiting the Unsafe.* and Foreign.* modules, that's a big win. If I instead have to keep a list of unsafe functions, that's not so good. So, I guess count this as another vote for Unsafe.*

-- 
Rob Dockins
Talk softly and drive a Sherman tank.
Laugh hard, it's a long way to the bank.
-- TMBG
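The import-based check Rob describes, as an added example that is not part of the thread: a regex scan of a Haskell source file that flags imports under the Unsafe.* and Foreign.* hierarchies and, separately, `foreign import`/`foreign export` declarations (which need no import at all). The hierarchy list, the regexes and the sample module are assumptions constructed for this illustration.

```python
import re

# Hierarchies the thread proposes as the home of all unsafe primitives.
RESTRICTED_HIERARCHIES = ("Unsafe", "Foreign")

# An import declaration: optional "qualified", then the dotted module
# name; "as", "hiding" and any import list are ignored.
IMPORT_RE = re.compile(
    r"^\s*import\s+(?:qualified\s+)?([A-Z][\w']*(?:\.[A-Z][\w']*)*)",
    re.MULTILINE,
)
# A foreign declaration does not go through an import, so check it too.
FFI_RE = re.compile(r"^\s*foreign\s+(import|export)\b", re.MULTILINE)


def imported_modules(source):
    """Module names imported by a Haskell source file, in order."""
    return IMPORT_RE.findall(source)


def restricted_imports(source, hierarchies=RESTRICTED_HIERARCHIES):
    """Imports whose top-level component is a restricted hierarchy."""
    return [m for m in imported_modules(source)
            if m.split(".")[0] in hierarchies]


def ffi_declarations(source):
    """Number of 'foreign import' / 'foreign export' declarations."""
    return len(FFI_RE.findall(source))


def is_import_clean(source, hierarchies=RESTRICTED_HIERARCHIES):
    """True when neither restricted imports nor FFI declarations appear."""
    return (not restricted_imports(source, hierarchies)
            and ffi_declarations(source) == 0)


# Constructed sample of untrusted code submitted for checking.
SAMPLE = """\
{-# LANGUAGE ForeignFunctionInterface #-}
module Untrusted where
import Data.List (sort)
import qualified Foreign.Marshal.Alloc as A
import Unsafe.Coerce (unsafeCoerce)
import System.IO.Unsafe (unsafePerformIO)

foreign import ccall "math.h sin" c_sin :: Double -> Double
"""

if __name__ == "__main__":
    print(restricted_imports(SAMPLE))  # ['Foreign.Marshal.Alloc', 'Unsafe.Coerce']
    print(ffi_declarations(SAMPLE))    # 1
    print(is_import_clean(SAMPLE))     # False
```

Note that `System.IO.Unsafe` passes the hierarchy check even though it exports `unsafePerformIO`; that is exactly the gap the proposal to collect such primitives under Unsafe.* would close.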