[GHC] #10826: [Security] Safe Haskell can be bypassed via annotations
GHC
ghc-devs at haskell.org
Fri Sep 4 06:33:32 UTC 2015
#10826: [Security] Safe Haskell can be bypassed via annotations
-------------------------------------+-------------------------------------
Reporter: spinda | Owner:
Type: bug | Status: new
Priority: highest | Milestone: 7.10.3
Component: Compiler | Version: 7.10.2
Resolution: | Keywords:
Operating System: Unknown/Multiple | Architecture:
Type of failure: GHC accepts | Unknown/Multiple
invalid program | Test Case:
Blocked By: | Blocking:
Related Tickets: | Differential Revisions:
-------------------------------------+-------------------------------------
Comment (by kanetw):
I don't think it's possible to run the import check before
typechecking/renaming as it requires a TcGblEnv (see checkSafeImports).
You could run rnImports/maybe tcRnImports first, then check safety based
on those imports, then do the rest. But I'm not sure whether that'll be
sufficient for Safe Haskell. I'll take a closer look tomorrow.
I have a patch that just plain disables annotations under Safe Haskell; if
that's acceptable (as a workaround at least) I can post it on Phab.
--
Ticket URL: <http://ghc.haskell.org/trac/ghc/ticket/10826#comment:5>
GHC <http://www.haskell.org/ghc/>
The Glasgow Haskell Compiler
More information about the ghc-tickets
mailing list