If you have some malicious code running on your computer, you have already lost. Nothing stops it from impersonating another app and asking for permission to see your screen, accessing local secrets from the files or doing who knows what.
You can still download a tar file with a static executable inside, and double clicking that exe will happily run it unsandboxed, and it’ll be able to do whatever with your secrets or files of other apps, unlike Firefox, which is not able to share your screen easily.
If you get a really malicious app, it could probably also exploit debugging tools to inject itself into the memory of processes that do have the permission to access the screen without asking…
Preventing apps from accessing what you see on screen or sending keypresses, or stealing your focus, is not going to protect you against anything, but it’s just going to make it impossible to use legacy tools, AutoHotkey-equivalents (look up how to send a key programmatically to a Wayland app… Wayland provides no interface for that. You have to create virtual evdev devices and run your app with root permissions…) or make it clunky to have a calendar appointment notification pop up right in front of the screen (Grand Theft Focus luckily fixes that on GNOME…).
Performance on 3D games is also much better on X for me.
You want defense in depth.
There is no real way to completely stop all malicious code. The best you can do is limit the impact.