so the security um, hack here is that someone has unauthorized access to your machine. its not related to x11. If you run untrusted code, thats it... who cares about x11?

Why did you used the "untrusted code" term? sounds like if you were delegating all the weight over the user's shoulders,

two years ago, trusted code like xz-utils [0] had seven months of freedom in the infected systems.

[0] https://news.ycombinator.com/item?id=39891607

> its not related to x11

Ideally one want to detect malware the earlier possible, and try to restrict what they can do from the beginning, until is noticed.

In this case Wayland, voluntarily or not, it's more restrictive than X11 with the access to screen and keyboard.

I know, I know, later the reply of the community will be a couple of downvotes more and "that already existed", "you could use, bla bla bla", and this is how Linux is ten years (minimal) behind Windows in tooling for this matter ¯\_(ツ)_/¯