I read this thread fully, as I have very little knowledge of Security of a User Account in PCLinuxOS.
I understand the concerns, but coming from a intense Windows security background, all I can do at this point, as people whose knowledge I respect seem concerned, is add some thoughts.
As far as Firefox, my default browser, I use Adblock plus, I clear all History, Cookies, and LSO's ( Better privacy is the Addon), at the end of the day, or Session, and use Keypassx, so I have very strong passwords for Logins to sites.
I used to use a MS app called 'Drop my Rights', which when applied to a Launcher, or Shortcut, for example, the execute command first went to Drop My Rights, and the program then ran with very limited rights. This was pre Vista, and was one of the little gems people posted about, in a Security minded Community.
Kind of sounds like a Script of this sort, which lessens priviledges of any program a user feels may be a risk, theoretically is a good idea. Also sounds like a huge undertaking.
As already said, making a New User, with Limited rights for using Internet apps, Browsers, et al. seems best way to limit attacks from the Internet.
You can easily turn Java, and Flash off, as we all know.
I have no real answers, being a noob, but I like this discussion, as Just17, whom I regard as knowledgable seems worried about security.
I don't see any problem with a "Security User Account" which people could choose to initiate, or not. It would limit whatever we believe are threats.
Bit befuddled that no real talk of exact, and real "Threats" has not been mentioned, (listed) just a need for someone to do something, but it seems this discussion should continue, and try to state what dynamic User Account threats are.
I'm thinking what could be a huge 'Hole' , are Panel Widgets. I don't know if they have been rigorously security tested, they are addons really, that someone has scripted.
And just comes to mind, downloading Wallpapers in KDE. Just off the top of my head this could be a huge threat, where instead of a Wallpaper you download Malware.
Just some thoughts, please understand Linux Security to me is; to only use our Repos, and don't Login as root