But only if you don't use any external libraries, once you link in someone else's code, you can no longer be sure your program is "safe".
using an external library is not "on your own"
Therefore, language features to prevent a class of exploits should be a high priority when considering a project.
Do many people really use the kernel syscall interface directly?
This also fits in with the "keeping a secret" analogy. Good luck keeping something secret, if it has to be shared between organizations.