Safe Haskell

Though Haskell is predominantly type-safe, implementations contain a few loopholes through which code can bypass typing and module encapsulation. This paper presents Safe Haskell, a language extension that closes these loopholes. Safe Haskell makes it possible to confine and safely execute untrusted, possibly malicious code. By strictly enforcing types, Safe Haskell allows a variety of different policies, from API sandboxing to information-flow control, to be implemented easily as monads. Safe Haskell aims to be as unobtrusive as possible: it enforces properties that programmers already tend to meet by convention. We describe the design of Safe Haskell and an implementation (currently shipping with GHC) that infers safety for code that lies in a safe subset of the language. We use Safe Haskell to implement an online Haskell interpreter that can securely execute arbitrary untrusted code with no overhead. The use of Safe Haskell greatly simplifies this task and allows the use of a large body of existing code and tools.
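
The following is an added illustration of the API-sandboxing style the abstract describes (policies as monads, with Safe Haskell closing the type-system loopholes); it is example code written for this page, not code from the paper or from GHC. It is three small files shown in one listing, separated by file markers. The module names `RIO`, `Untrusted` and `Main`, the `UnsafeRIO` constructor, the `rioReadFile`/`rioPutStrLn` operations and the `/sandbox/` path policy are all assumptions made for the example. The security argument rests on two things: the `RIO` module does not export its constructor, so untrusted code has no way to lift an arbitrary `IO` action into `RIO`; and the untrusted module is compiled with `{-# LANGUAGE Safe #-}`, so it cannot reach for `unsafePerformIO`, `unsafeCoerce` or Template Haskell to forge one.

```haskell
-- ===== RIO.hs (hypothetical module): the trusted side of the sandbox =====
{-# LANGUAGE Trustworthy #-}
-- Trustworthy asserts that this module's exported interface is safe to hand
-- to untrusted code; it is part of the trusted computing base and is audited
-- by hand rather than checked by the compiler.
module RIO (RIO, runRIO, rioReadFile, rioPutStrLn) where

import Data.List (isInfixOf, isPrefixOf)

-- The constructor UnsafeRIO is deliberately NOT in the export list, so only
-- runRIO and the vetted operations below are visible to importers.
newtype RIO a = UnsafeRIO { runRIO :: IO a }

instance Functor RIO where
  fmap f (UnsafeRIO m) = UnsafeRIO (fmap f m)

instance Applicative RIO where
  pure x = UnsafeRIO (pure x)
  UnsafeRIO f <*> UnsafeRIO x = UnsafeRIO (f <*> x)

instance Monad RIO where
  UnsafeRIO m >>= k = UnsafeRIO (m >>= runRIO . k)

-- Policy (assumed for this example): only paths under /sandbox/ with no
-- ".." component may be read. This is where the access-control decision
-- lives; every RIO operation goes through a check like this one.
pathOK :: FilePath -> Bool
pathOK p = "/sandbox/" `isPrefixOf` p && not (".." `isInfixOf` p)

rioReadFile :: FilePath -> RIO String
rioReadFile p
  | pathOK p  = UnsafeRIO (readFile p)
  | otherwise = UnsafeRIO (ioError (userError ("access denied: " ++ p)))

rioPutStrLn :: String -> RIO ()
rioPutStrLn = UnsafeRIO . putStrLn

-- ===== Untrusted.hs (hypothetical module): code we do not trust =====
{-# LANGUAGE Safe #-}
-- Under Safe, this module may only import modules that are Safe or
-- Trustworthy, and the unsafe language features are switched off.
module Untrusted (plugin) where

import RIO

-- Each of these would be a compile-time error in this module:
--   import System.IO.Unsafe (unsafePerformIO)  -- module is marked Unsafe
--   import Unsafe.Coerce (unsafeCoerce)        -- module is marked Unsafe
--   {-# LANGUAGE TemplateHaskell #-}           -- not allowed under Safe
-- and because UnsafeRIO is not exported, there is no way to wrap an
-- arbitrary IO action as an RIO value here.
plugin :: RIO String
plugin = do
  s <- rioReadFile "/sandbox/input.txt"
  rioPutStrLn ("plugin read " ++ show (length s) ++ " characters")
  return s

-- ===== Main.hs (hypothetical): the trusted host runs the plugin =====
module Main (main) where

import RIO (runRIO)
import Untrusted (plugin)

-- Only trusted code ever unwraps RIO back into IO.
main :: IO ()
main = runRIO plugin >>= putStrLn . take 40
```

Build with `ghc Main.hs`; trying `rioReadFile "/etc/passwd"` or `"/sandbox/../etc/passwd"` from the plugin fails at run time with the access-denied error, while any attempt to import an unsafe module from `Untrusted.hs` fails at compile time. Adding `-fpackage-trust` to the build makes the `Trustworthy` pragma honoured only for packages the build marks as trusted (`-trust`), so the decision of who may assert trust stays with whoever controls the build rather than with the module author.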
