Obviously not. If it is -really- unwise, then we should just not do it. I see no evidence that is the case though. How, exactly, could this hook be remotely and uniquely exploited?
We need to keep our signal handling code to a minimum since we can make no assumptions about the system integrity once we enter such routines. Allowing a hook to always be run by default seems like asking for trouble (because it'd be a global structure that might be susceptible to being maliciously overwritten).
We've had strong recommendations from security types in the past to remove sig_coredump entirely. -- justin