> [Homebrew gives your user ownership of /usr/local.] That's laughable and I don't know how it gets a pass from everyone.

A big part of it is that Mac users don't generally think of or treat macOS as a multiuser operating system. It's a single-user Unix, baby!! (:

But even without that choice, malicious aliases for brew, or PATH changes and a malicious ~/.local/bin/brew would be possible.