As the recent event with reversed token transfer has shown, it's standard practice for contracts on EOS to be fully editable by its creators. However, that makes the whole idea of executing contracts on-chain wasteful!

From the security point of view, the only thing gained from public execution is visible fraud: when the code gets sneakily edited to eg. steal users' EOS, the theft attempt becomes visible to everyone.

The exact same behavior can be reproduced by only storing code and all transaction data on-chain: the code gets executed on a private server owned by a dapp owner, its result signed by him and pushed on-chain.
Anyone interested is free to locally execute that particular transaction to prove possible fraud, exactly like in the case of a sneaky edit. The only thing that has to be executed on-chain is signature verification and hashing the incoming data.

As on-chain execution is always going to be much more expensive than local execution, executing everything locally should drastically reduce dapp running costs. No need to worry about EOSRAM at all - the only thing each dapp needs to store is hash of its most recent state.