According to Google, 68% of 2018 CVEs were caused by C's lack of bounds checking.
Google is also collaborating with ARM on their memory tagging extensions to tame C.
Like everyone else you can go watch the Linux Kernel Summit 2018 talks.
Oracle also thinks otherwise, hence Solaris with SPARC ADI memory tagging turned on by default.
DoD has a report where typical UNIX exploits weren't possible in Multics thanks to PL/I instead of C.
https://multicians.org/b2.html