There are a couple of main things that make Wayland useful:
- The IPC sockets are stored in
/run/user/UID, which has file permissions that prevent any users from accessing it except for the user that is supposed to access it. With X11, the IPC sockets are world-writable and saved under /tmp, meaning it is the responsibility of X11 to prevent software running under a completely unprivileged user account (such asnobody) from sniffing all keystrokes, recording the screen, etc. With Wayland, the kernel is able to prevent this kind of attack, no matter how the compositor itself is written. - X11 as a software ecosystem is dying. GUI software libraries (like the upcoming GTK5) plan to drop support for it, drivers are showing signs of bitrot with it, the upstream project is no longer actively developed beyond removing broken bits and fixing the occasional security bug, applications exist that explicitly can’t run on X11 and require Wayland, and many other distros are moving to it. Maintaining support for X11 is, in the long run, not feasible with our current manpower. Moving to something well-maintained is better for security in general.
The usual security benefits people reference with Wayland (like keystroke sniffing prevention) are actually not as useful to us, since there are Wayland protocols in labwc that can be abused to work around some of these limitations.