Was there a "should" missing from that sentence?
This would be a very interesting way to turn a false statement into a
false statement, even assuming we grant semantic coherence.
Since C and C++ compilers often have noticably different ways of
interacting with the environment, it's not necessarily safe to treat
them interchangeably. In particular, I suspect the much more elaborate
range of things that "local variables" contain in C++ creates a substantial
additional risk.
But! There is also the trivia point that a local variable of any type
can have its address taken and be treated as an array of one object of
that type, and I suspect at least some attacks have used that vector. Not
nearly as many, to be sure.
But ultimately, I don't think I buy the argument that this provides
substantial protection. I'm a lot more interested by, say, marking the
stack area as non-executable, which does a pretty good job of solving
things.
Just pragmatically, doing this would dramatically increase implementation
costs, especially on the systems which DO have a native "stack" implemented
by the CPU, because on those systems, keeping track of the second stack would
be much more expensive than keeping track of the first one. Even in
general, though, I don't think this would pay off particularly well.
-s