safety model in D
Andrei Alexandrescu
SeeWebsiteForEmail at erdani.org
Wed Nov 4 09:17:10 PST 2009
Jesse Phillips wrote:
> Andrei Alexandrescu Wrote:
>
>> Jesse Phillips wrote:
>>> On Tue, 03 Nov 2009 23:13:14 -0600, Andrei Alexandrescu wrote:
>>>
>>>>> I think the only real option is to have the importer decide if it is
>>>>> trusted.
>>>> That can't work. I can't say that stdc.stdlib is trusted no matter how
>>>> hard I try. I mean free is there!
>>> I would like to disagree here.
>>>
>>> void free(void *ptr);
>>>
>>> free() takes a pointer. There is no way for the coder to get a pointer in
>>> SafeD, compiler won't let them, so the function is unusable by a "safe"
>>> module even if the function is imported.
>> Pointers should be available to SafeD, just not certain operations with
>> them.
>>
>> Andrei
>
> I must have been confused by the statement:
>
> "As long as these pointers are not exposed to the client, such an implementation might be certified to be SafeD compatible."
>
> Found on the article for SafeD. I realize things may change, just sounded like pointers were not ever an option.
Yes, sorry for not mentioning that. It was Walter's idea to allow
restricted use of pointers in SafeD. Initially we were thinking of
banning pointers altogether.
Andrei