I honestly think GNOME has this exactly right for the 'general' user:
the safe thing to do is to strongly encourage offline updates, i.e.
don't offer any online update mechanism through the desktop. In a
completely practical sense, given the current state of the tools and
the fact that we know bugs like this crop up - not *often*, but more
than *never* - I think it's a more responsible approach than running
the update process inside the desktop session.
Could KDE perhaps look into making it so the update process runs
outside of the desktop session somehow, if it's not going to go to
full-on offline updates 'any time soon'? I know this decision has its
own complexities, though.