If a user copies an app like Firefox to /opt and then chooses to give the app write permission, could you display:
“Granting this program permission to write to a root-owned directory creates a local privilege escalation risk. If the program is exploited by malware, it could perform malicious actions and compromise your system. This is strongly discouraged.”
(checkbox) Don’t show message again.
You shouldn’t be able to do that without super user permissions in the first place.
After reading information on the internet, some users might think it is a good idea to copy the unpacked Firefox tarball to the /opt directory. Third party software is installed in /opt, correct? If a user enters their sudo password to copy FireFox to /opt, there is no security risk, correct? If Firefox is downloaded from Mozilla(the developer of Firefox, trusted source).
In order for the Firefox in-app updater to work. A user might change Firefox executable permission to write or change the /opt folder to write. This would create a security risk, that the user might not be aware of, correct?
I doubt that a real naive user will do it. You need a minimum of knowledge to get the idea of downloading a tarball and copying its files into the root filesystem.
Generally, it is not recommended to copy files to or modify files from the root filesystem. In addition, with sandboxing systems, Linux distributions move to a system consisting of a fully read-only filesystem with sandbox-only apps.