As about the security concern, why is it more secure not to let root log into X than otherwise? why is not letting root start X client after su/sudo by default a good policy?Because neither X nor any X applications are secure.
True, root X session over network is insecure, but how about using locally? the restrictions could have been set for remote usage only. Why is it even enforced for local usage? What is the security concern for local root X session? can u give an example? thanks. Lei