I completely agree with this. If something seems at first blush to enforce a security control, but does not in reality, it should somehow be made very clear that it is just disabling a footgun rather than actually enforcing a security control. Either the setting in the config file needs to be named something silly like disable_alter_system_not_a_security_feature, or it needs to be overridable with something like "WITH FORCE", to make it really clear that all it is is a stumbling block rather than a control.