Is @safe still a work-in-progress?
jmh530
john.michael.hall at gmail.com
Fri Aug 17 17:26:48 UTC 2018
On Friday, 17 August 2018 at 14:26:07 UTC, H. S. Teoh wrote:
> [...]
>
> And that is exactly why the whole implementation of @safe is
> currently rather laughable. By blacklisting rather than
> whitelisting, we basically open the door wide open to loopholes
> -- anything that we haven't thought of yet could potentially be
> a @safe-breaking combination, and we wouldn't know until
> somebody discovers and reports it.
>
> Sadly, it seems there is little interest in reimplementing
> @safe to use whitelisting instead of blacklisting.
>
>
> T

Fundamentally, I see it as a good idea. Walter has talked about
how important memory safety is for D. People thinking their @safe
code is safe is a big problem when that turns out to not be the
case. Imagine the black eye D would have if a company was hacked
because of something like this?

IMO, the problem is that you can't just replace @safe as it is
now. You could introduce something like @whitelist or
@safewhitelist and begin implementing it, but it would probably
be some time before it could replace @safe. Like when @whitelist
is only breaking unsafe code.