The X11 system itself runs as root, though. And this opens the door for privilege escalation exploits.
It usually does, but it doesn’t have to.
That’s before we even consider the devs themselves saying that the complexity, decades of spaghetti code, and unfixable bugs make it virtually impossible to patch.
And the new thing to replace that is still not good enough after 10 years or so.
I said that install scripts for repo packages always run as root. And therefore anything that makes its way into the script will be executed with root privileges. That is a risk.
Let’s please not extrapolate the problems of your distribution to all of them.
What do you mean, “so what”?! A non-root program being able to highjack system commands and even gain root access isn’t “so what”, it’s a glaring security hole.
Your user may set aliases for the shell of your user, and the program\script ran by your user can do that.
It’s not a security hole at all. It’s something you should be able to do for any normal use.