Developers are much more security aware these days. Wayland will not require root privileges which means a buffer overflow isn't as critical. It also will not be network transparent which reduces the attack surface enormously. Then remember it was created because xorg had accumulated so much cruft over the years because of its obligation to support dozens of outdated X11 extensions nothing (except for emacs :)) uses. Hopefully that means Wayland's devs will keep it lean and clean and easy to secure.
(1) Developers tend to be more aware of secure programming issues than they were in the 1990s, when you could coerce a shell out of a lot of SUID programs and network daemons with a well-placed pipe filter or semicolon character. But that doesn't make them better at implementing more securely. Case in point: Nginx, a codebase that was designed from the start for modern C secure programming, had an integer overflow just a couple days ago; a couple years back, our team found another serious Nginx bug (that time, an info leak) stemming from their attempts to be extra-cautious. So simply being aware of secure programming issues isn't an assurance that code is actually more secure.
(2) More importantly: it doesn't matter so much if there are fewer memory corruption vulnerabilities in C programs. Like I said before: what matters is if there are any of them, or at least any that can be discovered in a reasonable amount of time. In (say) C# or Java serverside code that doesn't call out to C code, we can say with some assurance that there aren't any such flaws; we don't have to stare at the same 10,000 lines of code for a month to prove that to ourselves. You simply can't say that about C codebases. There could be a memory corruption flaw in Dovecot right now, or in Postfix, or (less likely, but still...) tinydns.
Well, we're going to have to agree to disagree. I do think security has improved since the 1990s. I think that this kind of "we're all doomed, it doesn't matter what you know" attitude that you are displaying is exactly the problem. It does matter what you know and how you architect the system. Security has improved a lot, even on platforms like Windows that are heavily C/C++ based.
Garbage collected languages are nice, but they're really just an extension of the general principle of minimizing the trusted code base. They are not a silver bullet (witness the recent Java, Ruby, etc exploits). I am all in favor of these languages, and especially Golang, which shows a lot of promise.
What I'm not in favor of is using a really crappy program written in language X as a stick to beat the language designers with, regardless of what value of X we're talking about.
I gave specific examples of modern C codebases for which lots of attention had been paid to security that subsequently suffered vulnerabilities stemming from memory corruption. You respond with "garbage collected languages are nice but they're really just an extension of the general principle of minimizing the trusted codebase", which is nonresponsive to my point. We agree: we disagree.
I don't think it's negligent to write things in C. I like C, a lot; it's my first language. But stop kidding yourself that with just a couple modern development practices you'll produce code in C that is comparably secure to Python or serverside Java. You won't.
I'm really annoyed by your refusal to stay on topic. I pointed out a specific problem with security in many higher level languages-- the presence of eval and eval-like constructs in the language. You changed the topic. I pointed out that minimizing the size of the trusted code base, and reducing the privileges with which code runs is the foundation of any successful attempt to make secure coding easier. You changed the topic.
I'm really tired of the ideology that everything written in C is insecure, and everything written in higher-level languages smells like roses. Should we be surprised that things like Wordpress, Ruby on Rails, and even client-side Java are riddled with security vulnerabilities? Well, when programmers refuse to learn from the mistakes of the past, and think using a higher-level language is a magic elixir for achieving security, it's not a surprise.
