>> Before running su, type "xhost +localhost", or just "xhost +". Read >> xhost's man page for details. xhost +localhost maybe. xhost + is *evil* :-) If you're using xdm, you may find that su --perserve-environment has the right effect, as it causes root to still be able to find $XAUTHORITY, the variable that points to the file where the keys for what ever xauth mechanism is in use is using.