[Hat] trusting standard libs

Malcolm Wallace Malcolm.Wallace at cs.york.ac.uk
Wed Jul 13 08:18:46 EDT 2005

Bernard Pope <bjpop at cs.mu.OZ.AU> writes:

> > > Is it possible to set all/some Prelude modules to untrusted in Hat?
> Buddha has the same problem. 
> One idea that was floating around in my head was to supply trusted and
> untrusted versions of all the standard libs, and disambiguate them using
> the hierarchical module namespace.

It would probably be easier to just make two separate object archives,
one trusted, one suspect, then use a compile-time flag to decide
which one to link against.

> For instance you might have a Trusted hierarchy and a Suspicious
> hierarchy.  Then it is up to the user to import one or the other.

I don't think it is a good idea to ask the user to modify their own
code - they might introduce a new fault, or accidentally mask the
one they were trying to investigate.


More information about the Hat mailing list