>This is actually a great idea from Perl. Essentially an anti-monad.
This is an old and deep idea in computer security.
DoD was (is?) interested in systems where, i.e. if a process reads a Top Secret document, then the OS enforces that it can longer write to merely Secret or Unclassified files/IO devices. That way, even a fully compromised process dealing in Top Secret files can't exfiltrate them to a less secure place.
It turns out that in systems designed around this "taint" (they call it "label") construct, everything tends to collect the taint/labels, so things having taint can't be restricted very much or the program can't do anything useful.
I'm in the middle of this security engineering textbook [0] and I love it.
This is an old and deep idea in computer security.
DoD was (is?) interested in systems where, i.e. if a process reads a Top Secret document, then the OS enforces that it can longer write to merely Secret or Unclassified files/IO devices. That way, even a fully compromised process dealing in Top Secret files can't exfiltrate them to a less secure place.
It turns out that in systems designed around this "taint" (they call it "label") construct, everything tends to collect the taint/labels, so things having taint can't be restricted very much or the program can't do anything useful.
I'm in the middle of this security engineering textbook [0] and I love it.
[0] https://www.safaribooksonline.com/library/view/security-engi...