The most basic access control that SafeX provides is the ability to make you aware of every client that connects to your X server. 99% of the time you know whether or not a client should be connecting to your server. With SafeX you have complete control over whether new connections are accepted or rejected, and this control is above and beyond whatever access mechanism you are currently using. With SafeX you can even use "xhost +" and remain secure.
With normal X security mechanisms once a client obtains access to your server it can do anything (essentially every client is the equivalent of super-user). However, with SafeX you can control the behavior of untrusted applications. Should that shareware program really be reading keyboard events from your terminal windows? With SafeX you can prevent this and more.