[immanuwell]

when multiple independent parties are simultaneously tripping over different holes in the same kernel, that's not bad luck, that's a systemic attack surface problem

[pjmlp]

Which gets even better by still using C.

Large majority of CVEs in the update are related to memory corruption, out of bounds and use after free.

Naturally the logic and wrong permissions ones would happen regardless of the language.

[sitkack]

A strong enough type system can catch permission problems.

[pjmlp]

The solution there would be a capabilities based OS, however adoption hasn't been great on that regard.

[sitkack]

I'd love to see CHERI (for the room) and Wasm take off, no time like the present.

https://en.wikipedia.org/wiki/Capability_Hardware_Enhanced_R...

https://www.cl.cam.ac.uk/research/security/ctsrd/cheri/