I think you are mixing up two things: fixing a bug is not the same as reversing cash-flows that occurred before the bug was fixed. There were many bugs in BitShares but never any transaction was reversed by a hardfork. Those who gained profits (or loss) due to a bug were rightfully allowed to keep it.
Even in traditional legal systems, if there is a loophole in a bill passed by a parliament, and some people take advantage of it before the bill is amended, is it common practice to confiscate the money they've gained?
"rightfully" is a value judgement, and not one I agree with. Exploitation of software bugs for personal enrichment is not morally right, in my opinion.
Arhag really already covered the "legal arguments" in his initial post: under traditional legal systems, there is a distinction made between the spirit of the law and the letter of the law, and I'm very happy I live in a country where the spirit overrides the letter.
But please read the last paragraph of my last post and understand that all "rules" are just agreements between people, and there's no way I know of to currently enforce blind obedience to such laws in the face of disagreement by enough people. I'm very glad this is the case, and I fear a world in which it's not.
The word "rightfully" was not my value judgement - it is one of the fundamental principles the western civilization is based upon: the law does not apply retroactively.
I didn't address your previous point about mixing up two things, fixing a bug versus reversing cash flows, so I let me create a plausible hypothetical case of a "buggy" cash flow and how the consensus agreements we come to as users of cryptocurrency prevent them.
Imagine than one of the primary developers of a cryptocurrency slips in a line of code that enables him to grab as much of the coin as he wants (and then proceeds to use this function whenever he needs a new toy). What will happen? Practically speaking, one of two things will probably happen: 1) almost everyone will exit the coin and devalue it down to near zero, or 2) someone else will come along with a new client that removes this line of code and negates the impact of the transfers. I think you're essentially proposing a 3rd option: he should be able to keep any coin he transfers before he's caught. A forking of the coin is also a possibility in such cases, and this will generally be an unfavorable outcome for the group as a whole, especially if the split is fairly even.
Now, I'm not interested in arguing which of these stances is the most moral, that's a big topic and I don't have the time. But I strongly suspect that based on prevalent moral standards, most people are going to choose 2), assuming the coin is otherwise stable and they derive value from its usage. Anyways, whichever choice is made, it's a choice made by each individual involved and this coin only holds value because of these people. The nice thing about crypto is it is a voluntary association, and you can leave if you disagree with the group.
This is exactly my point. Some people want a safety net, some don't - even if they face such an extreme abuse as you described. Brushing off those people and treating them with contempt (by calling their attitude a joke) does not bring any value to the discussion. It's their choice and their freedom to take the risk. The crypto-space is big enough to accommodate all needs.
A loophole in a law is not analogous. A law is not a contract. In contracts, it is common practice to confiscate money gained by exploiting a loophole in a contract that deprives other parties to the contract of the benefit of the contract they reasonably expected.