On Thursday, 17 November 2016 at 17:29:20 UTC, Nordlöw wrote:
On Thursday, 17 November 2016 at 17:27:01 UTC, Stefan Koch
wrote:
It allows encapsulating unsafe operations in safely-callable
wrappers.
So is this a limitation in Rust? If so, could you give a more
concrete D code example that cannot be implemented with only
two safety levels?
Try to implement a safe memory allocator with only two levels.
Memory is inherently unsafe. But it can be treated in a safe way.
A language that does not allow you to express a middle ground
will have a lot of unsafe code that could arguably be seen as
safe.
