System variables wsrep_provider and wsrep_notify_cmd system can be modified at run time by a database user with SUPER privileges.
The first variable takes a path to the .so library that the server will try to dlopen(). The second takes a path to the shell script that the server will execute. Having them writable allows a database user with SUPER privilege to execute arbitrary code as the system mysql user.
It seems that there is little (or no) practical use case for having these variables being modified at run-time, it's only ever used in tests. That is making them read-only would be an easy and safe fix for the above issues, at the cost of slightly more complex test scripts.