[Pre-RFC] Single function call `unsafe`

I feel like the "small unsafe blocks" vs. "large unsafe blocks" argument is becoming circular. However ...

... this seems like a legitimate problem that (I hope) everyone can agree is not well addressed by the current language. It seems to me that when an unsafe function takes a callback, it's more likely than not that the callback shouldn't be treated as within the unsafe block for the call to the unsafe function. But, in the current language, if you're using a closure for the callback, lexically, it is.

Like the other thread about "safe inside unsafe" and macros, I think I'd rather see this addressed by a change to default semantics than by changing how people are expected to write code. What if we "just" changed things so that the effects of `unsafe { ... }` don't inherit to the body of any lambda expression inside the unsafe block? How much existing code would that break? It should be machine fixable when it does break.

4 Likes
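The scoping behaviour discussed in the post above, as an added example that is not part of the original thread: a closure written inside an `unsafe` block inherits the unsafe context, while the same closure hoisted out of the block must mark its own unsafe operation. The names `for_each_raw`, `sum_closure_inside` and `sum_closure_outside` are hypothetical.

```rust
// Added illustration; `for_each_raw` and both `sum_*` functions are hypothetical.

/// # Safety
/// `ptr` must point to `len` initialized, readable `u32` values.
unsafe fn for_each_raw(ptr: *const u32, len: usize, mut f: impl FnMut(u32)) {
    for i in 0..len {
        // SAFETY: the caller guarantees `ptr..ptr+len` is valid.
        f(unsafe { *ptr.add(i) });
    }
}

/// Closure written inside the `unsafe` block: its body is lexically unsafe,
/// so the raw-pointer dereference compiles without any `unsafe` of its own.
fn sum_closure_inside(data: &[u32], extra: &u32) -> u32 {
    let extra: *const u32 = extra;
    let mut total = 0;
    unsafe {
        for_each_raw(data.as_ptr(), data.len(), |v| {
            total += v + *extra; // accepted silently: nothing marks this deref
        });
    }
    total
}

/// Closure hoisted out of the block: `unsafe` now covers only the call, and
/// the dereference in the callback must be marked explicitly to compile.
fn sum_closure_outside(data: &[u32], extra: &u32) -> u32 {
    let extra: *const u32 = extra;
    let mut total = 0;
    let add = |v: u32| {
        // SAFETY: `extra` was derived from a live reference above.
        total += v + unsafe { *extra };
    };
    // SAFETY: pointer and length come from the same valid slice.
    unsafe { for_each_raw(data.as_ptr(), data.len(), add) };
    total
}

fn main() {
    let data = [1u32, 2, 3]; // constructed sample input
    println!("{}", sum_closure_inside(&data, &10));
    println!("{}", sum_closure_outside(&data, &10));
}
```

Removing the inner `unsafe` from `sum_closure_outside` makes the compiler reject the dereference (error E0133), which is the check the first form loses.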