new Library Infrastructure spec.

Isaac Jones ijones at
Wed Jun 2 21:14:51 EDT 2004

"S. Alexander Jacobson" <haskell at> writes:

> Regarding making installation safe, Isaac Jones asked:
>> What about packages that install binary tools or data files?  I don't
>> want to limit the system to just libraries for the sake of this
>> security feature.
> and Simon noted:
>>  Setup.lhs runs in the IO monad else it would not be able to move
>> files or run a compiler.
> Moving (data) files can be done completely
> declaratively and safely.  Bob the Builder and Sam
> Sysadmin just needs to know if existing files or
> paths are being changed in the process.

I assume that your scheme has some kind of executable on Bob and Sam's
machines which knows how to install libraries and such, and this
system will also have to know how to perform the configuration.  Let's
call that StaticSetup (since it performs the tasks of Setup.lhs, but
on static information provided by Angela).  StaticSetup is a program
that Sam trusts.

Here are some more issues you're scheme will have to deal with:

1) Marcus Makefile.  He's important to us; he's a hard-core haskell
   developer and we want to support him.  How does he go about calling
   through to the "make install" command?

2) If you allow executables to be installed, you'll have to watch out
   for attacks which replace "ls" or something.  I guess you could
   have a warning for any package which tries to overwrite an existing
   file, though this may happen a lot for upgrading a current library.

3) There is some grey area between the Angela and Marcus use cases
   where she can perform extra preprocessing steps and configuration
   steps within the context of Setup.lhs (since she has all of Haskell
   at her disposal.)  In your scheme, there is no space between Angela
   and Marcus. You're either in or out when it comes to utilizing



More information about the Libraries mailing list