> the least secure thing to do (and this is a BAD BAD IDEA, but if > you're not actually connected to the net, it might still work) is to > just allow "xhost +" as your normal user, then "su -". this is a > super bad idea, however. slightly more secure (but not much) is to do an xhost +localhost before su'ing.