@aeva @tg it is true. But that was the result of server applications written to be managed by large groups.
there is a lack of web infrastructure written to be secure as a priority. In your case something like OpenBSD for forum systems.
This plus tight security rules and new sandboxed and controlled installations could be what we need