Andrei Alexandrescu wrote:
One more interesting thing that I see doable (and have seen done in e.g. Perl) is the @tainted attribute, which marks an untrusted string. That could help with [2], [6], [7], [9], [20].
I agree that engaging the type system's help to track untrusted data through the code can be very helpful.
