That's my opinion as well. I run Emacs 24/7 but I do so inside Firejail, with no network access. It's not architected with security in mind and exploits are too easy.

The same can be said about the Linux userland. The Unix model of giving plenty of access to resources and any user file to user processes is outdated.

I find it frustrating something like Firejail or bwrap is not standard. I don't want a compromised program to have easy access to e.g. my SSH keys.