misplaced @trust?
Steven Schveighoffer via Digitalmars-d
digitalmars-d at puremagic.com
Thu Feb 5 11:11:32 PST 2015
On 2/5/15 1:54 PM, H. S. Teoh via Digitalmars-d wrote:
> However, I don't agree that the entire function can be marked @safe.
> Otherwise, @safe code will now contain arbitrary @trusted blocks inside,
> and so anybody can freely escape @safe restrictions just by putting
> objectionable operations inside @trusted blocks. The function still
> needs to be marked @trusted -- to draw attention for the need of
> scrutiny -- *but* the function body is still confined under @safe
> requirements, except that now the "escape hatch" of @trusted code blocks
> are permitted as well.
Let's assume @trusted means @safe code can call it, but it may have
@system-like functionality in it (however it happens).
Whether it's in an internal lambda/nested static function or not, the
point is, @safe code can call @trusted code. To say that @safe makes
some promises above/beyond @trusted is just incorrect.
Now, if you're saying @trusted cannot be called via @safe, then I don't
know what your plan is for @trusted :) If that's true, please explain.
-Steve
More information about the Digitalmars-d
mailing list