Caterpillar

Yesterday, I talked about the platform concept that I'm stealing from Roc. That concept doesn't just improve portability. It's also good for security.

If every I/O primitive that a library can use must be passed as an argument, that means you know exactly what a given library can do. It won't just access the filesystem and read your data unexpectedly. And you can further increase security by making access more fine-grained. Pass a limited instance of the filesystem interface, that just allows access to the specific directory that you expect a library to write to.

And by treating access to heap memory as an I/O primitive, as I intend to do in Caterpillar, you can even apply this concept to memory safety.