Follow up: How to write a Linux virus

So you're basically suggesting a user run their browser under a different user account, to sandbox it. One disadvantage I can see is that many people would never bother to change the ownership of the "internet"'s files and, if infected, would end up with a lot of data at risk for loss/theft. Also, if a file is not de-sandboxed in a timely fashion, a later infection can modify data the user has already "vetted". This increases the risk of infected files escaping the sandbox, when the user decides they finally want to copy that mp3 to their music folder.