Monadic Library for Eio Capabilities?

I respond to myself. After some reflexion, I fear that the security model of Eio is broken by the dynamic dispatch as exposed by the Resource module.

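open Eio

let foo (src : _ Flow.source) =
  let (Resource.T (t, ops)) = src in
  (* Look up the sink operations in the handler, whatever the static type says *)
  match Resource.get_opt ops Flow.Pi.Sink with
  | Some (module M) -> () (* I gain write access to my source *)
  | None -> () (* everything is fine *)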

Normally, if I pass a _ Flow.two_way to foo, it should not be allowed to write to it, but I will fall into the Some branch, and foo has gained a privilege it should not have.

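The lookup described in the post, as an added example that is not part of the original post and is not Eio's code: a simplified stand-alone model of a handler-based resource, in which every type and function name is hypothetical. It shows that the phantom tag does not limit what the run-time lookup finds, and that re-wrapping the value with a handler holding only the source binding makes the same lookup return None.

```ocaml
(* Simplified model, not Eio's code; every name below is hypothetical. *)
type 't source_ops = { read : 't -> string }
type 't sink_ops = { write : 't -> string -> unit }

(* Keys used to look up an implementation at run time. *)
type ('t, 'impl) pi =
  | Source : ('t, 't source_ops) pi
  | Sink : ('t, 't sink_ops) pi

type 't binding = H : ('t, 'impl) pi * 'impl -> 't binding

(* 'tags is a phantom type: it constrains callers statically, but get_opt
   never consults it. *)
type 'tags resource = T : 't * 't binding list -> 'tags resource

let rec get_opt : type t i. t binding list -> (t, i) pi -> i option =
 fun ops key ->
  match ops with
  | [] -> None
  | H (k, v) :: rest -> (
      match (k, key) with
      | Source, Source -> Some v
      | Sink, Sink -> Some v
      | _ -> get_opt rest key)

(* Constructed sample: a Buffer.t exposed as a two-way flow. *)
let two_way (b : Buffer.t) : [ `R | `W ] resource =
  T (b, [ H (Source, { read = Buffer.contents });
          H (Sink, { write = Buffer.add_string }) ])

(* Same shape as foo in the post: statically a source, dynamically probed. *)
let foo (T (t, ops) : [> `R ] resource) =
  match get_opt ops Sink with
  | Some sink -> sink.write t "written by foo"; true
  | None -> false

(* Attenuation: rebuild the handler with the source binding only. *)
let read_only (T (t, ops) : [> `R ] resource) : [ `R ] resource =
  match get_opt ops Source with
  | Some src -> T (t, [ H (Source, src) ])
  | None -> invalid_arg "read_only: no Source binding"

let () =
  let b = Buffer.create 16 in
  let rw = two_way b in
  assert (not (foo (read_only rw)));  (* attenuated: no Sink to find *)
  assert (Buffer.contents b = "");
  assert (foo rw);                    (* two-way handle: foo obtains write *)
  assert (Buffer.contents b = "written by foo")
```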