Hi,

I recently watched a recording of Theo's talk on pledge at EuroBSDCon 2017, in 
which the question of memory-safe languages and their practical usefulness came 
up. Specifically, someone in the audience criticized the approach taken by 
OpenBSD, which (as I understand) accepts that all software is broken and 
mitigates the damage caused by various classes of exploits through techniques 
like ASLR, and suggested that instead one should stick to "memory safe 
languages" to avoid these exploits altogether.

As a response to this, Theo asked rhetorically "Where's ls, where's cat, 
where's grep, and where's sort?", implying that no one so far bothered to write 
implementations of even the basic Unix utilities in such a language.

This brings me to the question, what if someone actually bothered? Under what 
conditions would you consider replacing one of the current C implementations 
with an implementation written in another, "safer" language? Note that with 
Cgrep and haskell-ls, there do in fact exist implementations/analogues of two 
of the mentioned utilities in a memory safe language (Haskell).

Best,
Nicolas Schmidt
