Ubuntu is perfect, it's the silver bullet, it's unbreakable.
You don't need to run something to allow a direct attack vector into your machine - it's not that simple. The main attack vectors that have been historically used in the Windows world have been chosen because they are simple, effective, and nothing more is needed.
This Ubuntu utopia without rootkits, flawed daemons, and/or other issues is amazing - shame it has no reflection in the real world.
Let's start down a completely hypothetical road (bear with me on this one). You open up a PDF in your web browser. This is a Linux machine, so it's perfect. Even though the filename is really weird, it's passed safely to the viewer application, and therefore doesn't cause a problem. 15 minutes later, your machine reboots at random - and you make sure that on reboot nothing is wrong - looking at the logs for what happened.
Unfortunately your machine is now running a rootkit, and nothing looks wrong. Only by running a network scanner on ANOTHER MACHINE can you tell that everything that you do is now being reported to a white/black hat - and even that can be well disguised.
I lied - this isn't totally hypothetical at all. There is a vulnerability in the pcre library (a string handling library) that allows code execution. Since some daemons run as root, and some use grep (linked against the pcre library), your viewing of the PDF could trigger the issue and cause code execution as root.
You're letting your machine view the web (since you are looking at that PDF) so that code can now download a more complicated bootstrap code that then does more. Only a complete reinstall from clean media will get you back to a safe machine - and you'd better hope that the place you're installing from is clean.
BTW there was a discussion a long time ago about the possibility of including a self-maintaining virus in gcc. Every time you compile an application, it deploys some code into it - and it detects when you're compiling a new gcc, to then include the whole codebase again. Even something like Gentoo can be tracelessly infected - the source code may be clean, but are all your tools?
To summarise (sorry, this has been a bit long) - Linux could already have been tracelessly and permanently infected with a trojan, as could ANYTHING.
Hell - are you sure that your BIOS (or equivalent) doesn't have any backdoors?
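
The exposure the post describes (root-owned processes with the pcre library loaded) can be audited from a `/proc`-style tree. The script below is an added example, not part of the original post. It also flags processes still mapping a library file that has since been replaced on disk. The PIDs, process names, paths and default library-name pattern are constructed assumptions.

```shell
#!/bin/sh
# root_procs_with_lib PROC_ROOT [LIB_REGEX]
# Prints "pid<TAB>name<TAB>library<TAB>current|stale" for every process with
# effective UID 0 that has a matching shared object mapped. "stale" means the
# file was replaced on disk but the old copy is still loaded in the process.
root_procs_with_lib() {
    proc_root=$1
    # Assumed naming: libpcre.so.N and libpcre2-N.so.N
    lib_re=${2:-'/libpcre[0-9]*(-[0-9]+)?[.]so'}
    for dir in "$proc_root"/[0-9]*; do
        [ -r "$dir/status" ] && [ -r "$dir/maps" ] || continue
        # The Uid: line holds real, effective, saved and filesystem UIDs.
        euid=$(awk '$1 == "Uid:" { print $3; exit }' "$dir/status")
        [ "$euid" = "0" ] || continue
        name=$(awk '$1 == "Name:" { print $2; exit }' "$dir/status")
        # Field 6 of a maps line is the backing file; field 7 is "(deleted)"
        # when that file no longer exists under that name.
        awk -v re="$lib_re" '$6 ~ re {
            print $6 "\t" ($7 == "(deleted)" ? "stale" : "current")
        }' "$dir/maps" | sort -u | while IFS= read -r hit; do
            printf '%s\t%s\t%s\n' "${dir##*/}" "$name" "$hit"
        done
    done
}

# Constructed sample tree (hypothetical PIDs, names and paths), so the
# function can be exercised without touching the real /proc.
make_sample_proc() {
    lib=/lib/x86_64-linux-gnu/libpcre.so.3
    add() {  # add DIR PID NAME EUID MAPPED_FILE...
        d=$1/$2; mkdir -p "$d"
        printf 'Name:\t%s\nUid:\t%s\t%s\t%s\t%s\n' "$3" "$4" "$4" "$4" "$4" > "$d/status"
        : > "$d/maps"; shift 4
        for f in "$@"; do
            printf '7f00-7f10 r-xp 00000000 08:01 42 %s\n' "$f" >> "$d/maps"
        done
    }
    add "$1" 101 daemon-a 0 "$lib" "$lib"     # root, pcre mapped twice
    add "$1" 202 user-grep 1000 "$lib"        # non-root, ignored
    add "$1" 303 daemon-b 0 /lib/x86_64-linux-gnu/libc.so.6
    add "$1" 404 daemon-c 0 "$lib (deleted)"  # root, old copy still loaded
}

# Demo on the constructed tree; reports PIDs 101 (current) and 404 (stale).
tmp=$(mktemp -d) && make_sample_proc "$tmp" && root_procs_with_lib "$tmp"; rm -rf "$tmp"
```

On a live system, run `root_procs_with_lib /proc` as root, since other users' `maps` files are not readable otherwise. A "stale" entry after a library update means that process needs a restart before it picks up the fixed code.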