Sure, you can dump accounts etc. I know more about that on Windows than Linux like /repair/SAM and /regback/SAM etc. But on Linux I'm assuming that using something like Apparmor would solve that easily whereas there is no solution (other than SELinux -x, which is way less than ideal) for X keylogging.

Same goes for the browser having more access than it needs - that's a permissions issue with tools already available to solve it.

And, again, following the Linux security model (users/groups) you can run your Firefox as a separate user and mitigate a lot of those attacks. But X-Keylogging remains, breaking the user/group model.

Lots of the information being entered into the browser is sensitive, but I don't see how that makes it *less* dangerous that an attacker can view the rest of your input such as into a terminal, gksudo, or sensitive files.