Actually thats a problem with the design of the OS that comes from an earlier era when there was no mechanism to make changes on the fly. This is the main problem with Windows, too much legacy code/functionality is being kept in the new releases for the sake of backwards compatibility.
You wanna tell Adobe, Oracle, McAfee, Mozilla and every other company that makes Windows software that they're going to be broken next Winodws Rev?
Or how about the millions of customers that are going to blame MSFT because their 5 year old copy of hello kitty's fantasy island doesn't work? It has to be a weening process. Unlike Apple who can just break things as they like because they're Apple, MSFT is damned if they do, damned if they don't.
Why? It is a settings change, it can be passed to the daemon real time, all is necessary is a special message for the daemon to reread it's settings file/db.
It's more than that, it also requires change at the kernel level. You can't make that change inflight.
In short yes you can. In the newest version of Ubuntu there is an ability to automatically grant user "root" permissions for certain actions (and no they do not require even a log off).
You can do that in Windows as well, it's in the Group Policy settings for those tasks.
Unlike UAC in Linux based OS's everything is written into the /home/<user> directory to which you as the user have full access rights. The only times you have to grant permissions is when you are doing system wide changes, such as software/driver installations, editing GLOBAL settings (not many that you would touch in *nix btw). All the administration utilities that do require "root" access will prompt of a password at the start no need to type anything into the CLI.
To add to that OS X uses the same sudo system as a lot of Linux OS's use and it seems to sit fine with the users.
The problem with UAC is not that it is there it is the way it's implemented. There is no need whatsoever to ask for as many confirmations as it does, this makes users LESS aware of something going on as you just want it to get out of the way rather than pay attention.
I wrote a pop up blocker for my OS.
To make things worse what MS is doing is basically shifting responsibility to the user. They are making it more "secure" but not through the use of better coding or higher emphazis on security testing. They are saying "here, YOU have full control over what app runs (not really system services still run as they want) and what it can access, YOU decide what is OK and what is not and if YOUR computer is compromised it is YOUR fault not ours, don't look at us we gave you the tools"
You'd be amazed how much of your theory is wrong.
Users are stupid, stupid people on the whole and are more to blame for virii and malware than MSFT. The CERT alerts for the majority virii on Windows XP start off with "The user is lured to a site..." "The user is aksed to execute..." "The user opens a..."
But at the end of the day, it was all MSFTs fault before, it's all MSFTs fault now, and it will all be MSFTs fault at the end of the universe.
This is just the wrong way to go about it, it is obvious that average users are not able to keep their computers secure otherwise we wouldn't have the amount of malware running around the net that we do now.
And as I noted above, vast majority of that malware requires user invocation. That user is socially engineering to execute code and since most people don't give two bing cherries about their account levels, they would do so at the adminstrator level which in Windows XP was your Administrator account which was full access to session 0 (root in *nix terms). Abstratcing elements of that session 0 access in to a protected space was the right move.
And really the easier and more secure of the two solutions was chosen. You either run around and attempt to educate every user out there to not use Administrator, or you change the nature of the default Administrator account which everybody seems to use.
Having an OS pop ups was so fully the wrong move I can't even beging to describe it.
And again, MSFT is damned if they do, damned if they don't.