On some of my machines, when I run "su -" in a terminal to get a root shell, an XAUTHORITY file is automatically generated to give display access to GUI programs spawned by that shell, i.e.,
# set | grep XAUTH XAUTHORITY=/root/.xauthayZmdH
That file contains a copy of the MIT-MAGIC-COOKIE from my original X session.
On other machines with the same installed OS (CentOS 6.6) that does not happen.
What the heck is the difference? I have done nothing with my own xauth or xhost to permit or deny this on any of the machines.