So, you install some software which automatically installs a Firefox addon. Then the next time Firefox runs the addon is automatically enabled? I know that's how plugins are installed. It would be nice if third-parties just didn't do this, but it seems like a change in Firefox must be made to prevent this.
Secure systems must include measures to prevent tampering. Installing code that automatically executes is most certainly tampering, and if my estimate of how this works is correct, I'd call this a Firefox security bug.
It may not be worth it, or even possible with current hardware, to prevent all software from installing addons "under the radar." Still, I'd bet that Firefox could incorporate a more secure way of keeping tabs on enabled addons.
With the Firefox plugin feature, Firefox could keep a list of installed plugins, their md5sums and their filenames. It could then hash this list and store the result somewhere. This would make it easy to detect changes to the installed plugins and prevent programs from simply changing the list of installed plugins. Malware could simply change the list then rewrite the hash, but I'm not sure you could ever get around security through obscurity (in this case) with a normal Linux install and consumer hardware. When different software is run as the same user and without any kind of sandboxing, this is what you get.
Maybe Linux distros need to make a change to enable more sandbox-type security. As Linux's popularity increases, I'll bet we see more of this behavior, just as we see so frequently in Windows. All the software already exists to implement this fairly well, and it's not like disk space is an issue anymore.
Microsoft should be making this change in Windows if building a more secure system is one of their goals.