Say we have a type to encapsulate sensitive information, which can only be accessed by calling its SecretValue method:
type Secret struct {
secret string
}
func (s *Secret) SecretValue() string {
return s.secret
}
We wish to prevent the sensitive info secret from leaking into logs. Specifically, we want to ensure that the string returned by SecretValue() is never later passed as an argument to any method that can write to stdout, stderr, or a file -- that is, methods like fmt.Printf, fmt.Println, fmt.Errorf, etc.
Is it possible, either by static analysis of the code, or by using reflection at runtime, to enforce such a policy? If so, how, at a high-level, would this be achieved?
Is it even possible to enumerate "all methods in the standard library that can possible write to stdout, stderr, or a file"? If so, how?
