Wasn't that already easy to fix, in your profile search.rdf and search.sqlite and search.json... after set it first properly you can just alter the permissions of those files. Don't allow writing for json and rdf.
Better than the actual posix file permissions, only capabilities in fashion of the old EROS OS. And both give the user total control.
All this security is a "faux argument", Linux can be pretty safe already without artificial mechanisms.
In Windows if you have ACL, you can do the same.
No!... Malware is a "social engineering" paradigma, and in that perspective all this seems more like a "carrot in front of the donkey" for something else.