On Thu, 21 Sep 2017 at 12:18:54 -0400
"Renaud (Ron) OLGIATI" <renaud@???> wrote:

> On Thu, 21 Sep 2017 16:33:23 +0100
> KatolaZ <katolaz@???> wrote:
>
>> you probably just need to `xhost +` from the "regular" user account
>> before su-ing. By default the current display is not accessible by any
>> user except the one who launched it. root is not an exception.
>
> Anything against having `xhost +` in ~/.bashrc ?

Yes, it leaves your barn doors open to everyone.

If you do not want to use ssh, that is your local network is a secure one,
you could do this:

1) extract your X11 cookie from your local Xorg session:
[user_a@wrkstn05 ~]$ xauth list $DISPLAY
wrkstn05/unix:0 MIT-MAGIC-COOKIE-1 120d5357706960bcd453de4886412267

2) merge it into your remote workstations's list of available X11 cookies:
[user_b@wrkstn03 ~]$ export DISPLAY=wrkstn05:0
[user_b@wrkstn03 ~]$ xauth add $DISPLAY . 120d5357706960bcd453de4886412267

The dot "." in the later command is a short notation for MIT-MAGIC-COOKIE-1.

Now, on the remote machine (wrkstn03) only the user who run the last command
to merge your X11 cookie to his list of usable ones (user_b) can export
windows to your Xorg session, all other users on the same machine
cannot. Remember however that all data is shuffled between the two machines
over the unsafe, unencrypted X11 protocol.


Welcome back to the '80s!


Alessandro