Please explain to me why {echo:} security is like this

I see a lot of posts on the forum about echo and that many people can’t add it correctly because they either don’t want to create and edit function.php or the php plugins don’t work as expected.

Now the question. Why is it necessary to put new users through this pain? Those clients to whom I advertise bricks complain to me.

Why should a site administrator with full rights do all this? This approach does not add security in any way since the administrator can manage files on the server by installing a file manager.

Why can’t the administrator be given the opportunity to create exclusion data through the site’s admin panel?

If the security policy prohibits storing exceptions in the database, we can always write them to a file. We’ll end up with the same effect without having to scare people away.

Who has time, explain to me why this approach is safe, because the administrator already has access to the entire site, including files on the server, through file manager plugins.

Why can’t it be done this way?