A suggestion for the next high profile Haskell project [Was: Re: [Haskell-cafe] What is a hacker?]

Magnus Therning magnus at therning.org
Sun Dec 17 16:46:31 EST 2006 

On Sun, Dec 17, 2006 at 15:43:27 +0300, Bulat Ziganshin wrote:
>Hello Magnus,
>
>Friday, December 15, 2006, 7:26:41 PM, you wrote:
>
>> When reading this[1] I couldn't help thinking that rewriting GPG is
>> an excellent opportunity for using Haskell to have an impact on the
>> world.
>
>Haskell can't provide fast execution speed unless very low-level
>programming style is used (which is much harder to do in Haskell than
>in C, see one of my last messages for example) AND jhc compiler is used

You are right, of course, speed may be an issue.  However, I believe
that in implementing something like GPG correctness is a whole lot more
important than speed.  If the speed of a pure Haskell implementation is
a problem then it's always possible to implement a few critical pieces
in C.

As it stands now GPG is written in C and only C.  All large bodies of
source has security problems, C is notorious for being "difficult" in
regard to security.  A pure Haskell (or at least as pure as possible)
would

 1. Contain less lines of code.  Less code means less code that may
    contain security issues.
 2. Avoid security issues due to interference between features.  Many a
    security issue has sprung from unintended interference, or
    assumptions, in (global) state.
 3. Be garbage-collected, memory-allocation is a source of many security
    issues.
 4. Push type safety a _lot_ further than C can.  No pointer arithmetic,
    no string-as-a-pointer-to-a-char, no implicit type conversion, no
    accidental mixing of signed and unsigned types (correct me if I'm
    wrong here), ...

There is of course the possibility that Haskell would bring a whole slew
of yet-to-be-determined security issues.  I doubt it will be worse than
C though.

/M

-- 
Magnus Therning                             (OpenPGP: 0xAB4DFBA4)
magnus at therning.org             Jabber: magnus.therning at gmail.com
http://therning.org/magnus
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://www.haskell.org/pipermail/haskell-cafe/attachments/20061217/2734cf1d/attachment.bin

More information about the Haskell-Cafe mailing list