That sounds like a terrible idea. I don't think anyone should trust that what the X server sends is good at this point...Most of these issues stem from the client libraries trusting the server to send correct protocol data
Indeed. I really hope something can be done about making more widespread use of polkit, as opposed to visual sudos. Starting with YaST.The X.Org security team would like to take this opportunity to remind X client authors that current best practices suggest separating code that requires privileges from the GUI, to reduce the attack surface of issues like this.