Are programs/OSes written in D more secure than programs written in C/C++?

Kapps opantm2+spam at gmail.com
Wed Jun 6 20:18:13 PDT 2012


On Wednesday, 6 June 2012 at 22:04:27 UTC, J.Varghese wrote:
> I'm not a programmer, so can someone explain this to me: Will
> programs and operating systems written in D be safer (I speak of
> both memory safety and security bugs) than existing operating
> systems written in C and C++? If so, what features and attributes
> of D make this the case? How much safer is it? Would it be
> possible to identify all the bugs in an OS written in D (within a
> reasonable timeframe) or is that still a pipedream?
>

D helps with a few security bugs related to memory by making a 
few things nicer.

But probably not the ones you're thinking of. The VAST majority 
of security problems you hear of are simply due to stupidity. SQL 
injection is probably one of the most common exploits nowadays, 
and no programming language will save you from that. These 
exploits aren't directed to the language, but rather to external 
software / protocols and libraries to interface with them. For 
example, with SQL, you send a message to an external program (a 
database). SQL injection then is an attacker being able to put in 
their own things into that message when the server sends the 
message with your input.

However, in your libraries, there are ways to prevent certain 
bugs that are present in D but not so much in most other 
languages. For example, with most other languages, if you want 
someone to input a string to your function (in this case a string 
that represents a message to send to a SQL database), you don't 
know how that string was formed. In D, you could guarantee that 
this string was determined at compile time and thus prevent any 
strings that are made with user input, and thus completely 
prevent SQL injection. SQL databases have a protocol where you 
can send the input fields separately, and just have the original 
message refer to them instead of giving the actual values, and 
that's what you would use here. Again though, this is just D 
providing a feature for a library to use, not something that the 
D compiler will do for you.
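
The library-side technique described in the message above, as an added example that is not part of the original post: the SQL text is a template value parameter, so it must be known at compile time, and user input travels only as separate parameters. The names `Prepared`, `query` and `countPlaceholders` are hypothetical, and no real database driver is used.

```d
import std.stdio : writeln;
import std.conv : to;

// Hypothetical prepared statement: SQL text plus separately sent values.
struct Prepared
{
    string sql;      // fixed at compile time
    string[] params; // user data, never spliced into sql
}

// Counts '?' placeholders; evaluated at compile time through CTFE.
size_t countPlaceholders(string sql) pure
{
    size_t n;
    foreach (c; sql)
        if (c == '?') ++n;
    return n;
}

// The SQL text is a template value parameter, so the compiler must be
// able to evaluate it; a string built from runtime input is rejected.
Prepared query(string sql, Args...)(Args args)
{
    static assert(countPlaceholders(sql) == Args.length,
        "placeholder count does not match argument count");
    string[] params;
    foreach (a; args)
        params ~= a.to!string;
    return Prepared(sql, params);
}

void main()
{
    string userInput = "x' OR '1'='1"; // constructed hostile input
    auto p = query!"SELECT id FROM users WHERE name = ?"(userInput);
    assert(p.sql == "SELECT id FROM users WHERE name = ?");
    assert(p.params == ["x' OR '1'='1"]);
    writeln(p.sql, " <- ", p.params);

    // Concatenating runtime input into the SQL text does not compile:
    // userInput cannot be read at compile time.
    static assert(!__traits(compiles,
        query!("SELECT id FROM users WHERE name = '" ~ userInput ~ "'")()));
}
```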

