YOU THERE!! Malicios script installed as a DEB, please read!

[hoppipolla]

then they just add a gksu or something to the script
most people don't know inside what kind of package a screensaver should be.

well, true. It's tricky when people are given so much freedom to put whatever they want into packages.

However, I still think we need to enhance package management to recognize different users more.

Not everything should be installed as root, IMO

Quite contrary, this is not a hole in the system. This is social engineering applied outside of lab testing.
It is no surprise that people fell for the cookie.

But as much as we teach you not to download anything from untrusted sites - people will fall for the "Linux Security" propaganda and get complacent.

Linux is a strong system not because of the system being "built ground up for security", that is but a small piece in the puzzle. Linux is a strong system because it's users are generally "in the know" about threats and prevention.

I don't agree at all, Linux IS more secure from the ground-up due to it's strict permissions system, not opening too many ports, rapid open source development and probably other things that I am not aware of