>If such a user wants to run untrusted programs, he'd use a virtual machine anyway.
In your imaginary world. Real users don't know what a VM is and expect their system to be able to run untrusted programs without exposing all of their data. Which they are able to do on most modern systems.
We are talking about users of the Linux operating system. Many of them do know what a VM is. If they don't, or if they expect to be able to run untrusted programs willy nilly, then the benefit of Firefox doing this is, again, basically zero.
As I cannot reply to your reply, I will write the response here. By using Wayland, surely the direct benefit of this change to you is zero...
I use Linux and I don't audit the source and dependencies of every single program I use or run things in VMs. I do expect wherever possible that programs run in a sandbox with the most limited set of permissions. I have been running almost everything in Flatpak on Wayland and it seems to clearly be the future.
In your imaginary world. Real users don't know what a VM is and expect their system to be able to run untrusted programs without exposing all of their data. Which they are able to do on most modern systems.