| The lack of screen tearing is a big feature to me, but sometimes people get x11 to work without this being a problem. The other feature for me is security. Sandboxes can access the wayland socket and run GUI stuff, without the ability to read the entire screen or run commands that effect outside of the sandbox. The wayland socket is a unix socket, exists as a regular file. Gating access to the socket works like any other file. X11 has some interesting issues here. It creates an "abstract socket". These exists as files on the file system, but they are not regular files. An interesting exmaple: A sandbox that starts with a fresh root and bind mounts in only what is required. Even when you don't bind the socket into the sandbox, the sandbox can still access it! There are ways to prevent sandboxes from accessing the x11 socket, but this is definitely not what I would have expected! With wayland, if the socket is not bind'ed into the sandbox, it can't be accessed, it behaves as expected! This might not seem that important, but these features bring Linux desktop out of the 1900s with regards to security. Software like flatpak would not be able to effectively sandbox GUIs at all without wayland, a feature other platforms have supported for at least a decade or more! The Linux desktop isn't making great use of this and related technology yet, on the standard distro, by default, applications can read your GPG keys and other important data, or even delete it. Wayland is a step towards fixing this! |