Maybe we can have a common good parachain for this purpose.
Every other parachain can opt-in to authorize this rescue parachain to have the upgrade permission IFF there is no para block finalized on relaychain for more than X mins.
And then this rescue parachain can implement some simple voting method to allow people to vote the rescue wasm runtime. Interchain Proof Oracle Network will be used to proof holding of funds.
So then instead of seeking DOT/KSM holders’ approval, the parachain token holder can self-service to rescue their parachain.