Face it. No system out there is 100% secure. There will always be another bug to exploit to be found; the kernel is too complex for anything else.
Therefore, a good risk mitigation strategy is to reduce the attack surface. A bug is found that's only exploitable with shell code? Fine, if the machine doesn't give you a shell, you're safe. (Unless you find a bug in another program you can access which has a bug that gives you a shell.)
This is not Linux specific. Every other nontrivial OS out there exposes you to the same set of risks, more or less.
A real vote of no confidence would be if they chose to run kernel.org on *BSD.