What administrator in his/her right mind would open a user file while in a "root" account?
If I am in a root account and receive such a message from a user, I would message them back
that it would be a while, drop out of "root" or revoke my "root" privileges, -then- open the
file. In a well-maintained SE Linux system, that should prevent any malware from popping out
of an infected file.