I think this in itself is an the heart of the issue.
I wouldn't personally actually be concerned about security in the domains where I'd find this useful.
Consider a LISP machine (designed from the ground up to give maximum flexibility to the developer), versus iOS (designed from ground up for end user experience). Each serves it's own purpose well, but the purposes are entirely distinct.
In the context of a modern consumer device, we have to surrender flexibility in certain areas in order to ensure end-user experience. Third party apps must be sandboxed, so they cannot disrupt battery life, network stack, or monopolise user interface, etc.
That doesn't imply that certain LISP machine concepts aren't useful in user-space. Increased introspection and debugging support all to the good.