Ben, you are talking about something entirely different. The issue with the bio being HTML vs. not is unrelated to this; for the bio it's simply that no one has taken the time to make the bio allow mixed formatting (richtext, html, plain). The technical consideration here is that for every field you want to change to allow mixed formatting like that, you need to carry around the "format" field as well. I think it's important to fix, but it's really pretty unrelated to the issue of what HTML is safe to allow through versus not.
I think good security is not something we should sacrifice for ease of use (at least not by default); look at the reputation phpNuke et al. have for security laxness. Much of it springs from a history of these sorts of exploits. Ultimately it's something that, if we want OpenACS to be acceptable for anything other than personal sites, we need to take care not to permit.
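As an added illustration of the two points above (carrying a "format" field alongside each stored value, and deciding which HTML is safe to let through), here is a small example in Python. It is not OpenACS code and not the poster's; the format values "text/plain" and "text/html", the tag and attribute allowlist, and the accepted URL schemes are all assumptions chosen for the example. The sanitizer parses the stored HTML and re-serializes only allowlisted tags and attributes, which is the approach that survives encoded or malformed markup, rather than pattern-matching on the raw string.

```python
from html import escape
from html.parser import HTMLParser
from urllib.parse import urlparse

# Allowlist (assumed for this example): tag -> attributes permitted on it.
# Anything not listed here is stripped from the output.
ALLOWED_TAGS = {
    "p": set(), "br": set(), "b": set(), "i": set(), "em": set(), "strong": set(),
    "ul": set(), "ol": set(), "li": set(), "blockquote": set(), "pre": set(),
    "code": set(), "a": {"href"},
}
VOID_TAGS = {"br"}
# Tags whose text content is dropped as well, not just the tag itself.
DROP_CONTENT_TAGS = {"script", "style"}
SAFE_URL_SCHEMES = {"http", "https", "mailto"}


def safe_href(value):
    """Accept relative URLs and allowlisted schemes; reject javascript:, data:, etc.
    Tabs and newlines are removed first because browsers ignore them inside a scheme."""
    cleaned = "".join(ch for ch in value if ch not in "\t\r\n")
    scheme = urlparse(cleaned.strip()).scheme.lower()
    return scheme == "" or scheme in SAFE_URL_SCHEMES


class AllowlistSanitizer(HTMLParser):
    """Rebuilds an HTML fragment from parsed tokens, keeping only allowlisted markup."""

    def __init__(self):
        super().__init__(convert_charrefs=True)  # entities are decoded before we see them
        self.out = []
        self.open_tags = []   # allowed tags currently open, so closes stay balanced
        self.drop_depth = 0   # > 0 while inside <script>/<style>

    def handle_starttag(self, tag, attrs):
        if tag in DROP_CONTENT_TAGS:
            self.drop_depth += 1
            return
        if self.drop_depth or tag not in ALLOWED_TAGS:
            return  # unknown tag (img, iframe, ...) and all its attributes vanish
        kept = []
        for name, value in attrs:
            if name in ALLOWED_TAGS[tag] and value is not None:
                if name == "href" and not safe_href(value):
                    continue  # keep the <a>, drop the dangerous href
                kept.append(f' {name}="{escape(value, quote=True)}"')
        self.out.append(f"<{tag}{''.join(kept)}>")
        if tag not in VOID_TAGS:
            self.open_tags.append(tag)

    def handle_startendtag(self, tag, attrs):
        self.handle_starttag(tag, attrs)
        if tag not in VOID_TAGS:
            self.handle_endtag(tag)

    def handle_endtag(self, tag):
        if tag in DROP_CONTENT_TAGS:
            self.drop_depth = max(0, self.drop_depth - 1)
            return
        if self.drop_depth or tag not in self.open_tags:
            return  # stray close tag: ignore
        # Close everything opened after this tag so the output is well nested.
        while self.open_tags:
            t = self.open_tags.pop()
            self.out.append(f"</{t}>")
            if t == tag:
                break

    def handle_data(self, data):
        if not self.drop_depth:
            self.out.append(escape(data, quote=False))  # text is re-escaped on output

    def close(self):
        super().close()
        while self.open_tags:  # close anything the author left open
            self.out.append(f"</{self.open_tags.pop()}>")
        return "".join(self.out)


def sanitize_html(fragment):
    parser = AllowlistSanitizer()
    parser.feed(fragment)
    return parser.close()


def render_field(content, fmt):
    """Render a stored (content, format) pair. The format column travels with the
    content; without it the renderer cannot know whether to escape or sanitize."""
    if fmt == "text/plain":
        return escape(content, quote=False).replace("\n", "<br>")
    if fmt == "text/html":
        return sanitize_html(content)
    raise ValueError(f"unknown format {fmt!r}")


if __name__ == "__main__":
    # Constructed sample inputs, not data from any real site.
    print(render_field("1 < 2\nok", "text/plain"))
    print(render_field('<a href="javascript:alert(1)">x</a><script>y</script>', "text/html"))
```

Two design points worth noting: the allowlist is on tags and attributes, never a blocklist of known-bad ones, so a tag the sanitizer has not heard of is dropped rather than passed through; and href values are checked by parsed scheme after entity decoding, so an encoded `javascript:` does not slip past a string match.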