Most code isn't part of the remote attack surface.
Also, there would be no software bugs if bugs only existed in the past... i.e. bugs come with updates, not just fixed by updates.
There are trade-offs, and Linux developers decided to make it what was easiest for them and remove the ability for the user to choose.
If there wasn't a need for stability and isolation then Docker et al. wouldn't exist.