Security often comes at the price of convenience. If developers don't see what they're getting for the price they are paying, they start working around the inconveniences, which often undermines the security.

You don't want someone to write an ::untaint() sub somewhere and see everyone start using it indiscriminantly, do you?