Author here: you could in principle, but in practice neither the library nor the executable compiler provide out-of-the-box support for limiting the number of reductions
Dhall's basic approach to safety is:
* make it impossible to intentionally do something malicious (such as destroying something important)
* make it hard to unintentionally do something incorrect or inconvenient (such as running for a long time)
For example, you can intentionally write a program that takes a very long time to run if you want to, but you will almost certainly know you are doing so; it's hard to write such a program by accident. In general, programming in a non-Turing-complete language forces you to structure code in such a way that potentially long-running code is more "obvious" than in Turing-complete languages.
Dhall's basic approach to safety is:
* make it impossible to intentionally do something malicious (such as destroying something important)
* make it hard to unintentionally do something incorrect or inconvenient (such as running for a long time)
For example, you can intentionally write a program that takes a very long time to run if you want to, but you will almost certainly know you are doing so; it's hard to write such a program by accident. In general, programming in a non-Turing-complete language forces you to structure code in such a way that potentially long-running code is more "obvious" than in Turing-complete languages.