Yes, your example is such a use case, which I already mentioned before. Simply don't input anything sensitive (you *can* input sudo password though) when you have an untrusted firefox running (i.e. if you've visited shady sites in that session).
And btw, this should apply regardless of X being secure or not. The point is that exploits exist, even for Wayland, so it's only sane to do this no matter what.
If you really ought to input something sensitive, then kill all firefox user apps (sudo pkill -9 --uid firefoxUser) before commencing. No, it's not inconvenient, you can just make a script and add sudoers rule so that it can happen with 1 click (no need to even input password).
And btw, this should apply regardless of X being secure or not. The point is that exploits exist, even for Wayland, so it's only sane to do this no matter what.
If you really ought to input something sensitive, then kill all firefox user apps (sudo pkill -9 --uid firefoxUser) before commencing. No, it's not inconvenient, you can just make a script and add sudoers rule so that it can happen with 1 click (no need to even input password).
Comment