On Sat, Apr 13, 2013 at 7:51 PM, Reindl Harald <h.reindl(a)thelounge.net>wrote:
which raises the question again:
would it be not the better way to build the whole distribution hardened
by expierience that nearly anything is exploitable over the long and
performance comes after security
The logical conclusion from this is to move to a language with automatic
memory management. The "top vulnerability" reports for programs written in
C/C++ and most other languages so different that starting a new project
that processes untrusted data in C/C++ is becoming indefensible.
We seem to be stuck with C as the lowest common denominator that can be
used from any runtime; long-term we _need_ to move away from that, or Linux
will gain the reputation of least-secure OS around.
Now, what to move to? I currently don't have see any language/runtime I
could recommend, which is in itself rather frightening.