There is no question that programming in C and C++ requires skill, and that memory management is an issue, and automatic heap allocation and garbage collection is the popular solution to that issue, but there is no silver bullets, and they are always compromises. I
Yes, project need to be written with security in mind.
There are program with few security hole written in C/C++ but most of the time they use special API for strings, allocation,
...
For example vsftpd :
http://vsftpd.beasts.org/#security
Again, there are no silver bullets. For instance, the Java sandbox is one solution to a security issue. It is not perfect, and it's imperfections lead to a false sense of security. It is ok for developers to be sloppy because garbage collection and the sandbox will protect the user.
Sandbox doesn't imply high level language. Even in a sandbox, if it is not correctly configured, there can be security hole.
On the other side you can be sandboxing in C/C++ (using the OS). For example using chroot/PR_SET_SECCOMP
...)
I think the problem is writing a safe application is really hard and can be tricky. You need to know well "secure" programming and what offer the OS.
For the average programmer using high level language can help : it is the writer of the high level language who have managed security, not you. And you can expect them to do better than you.
