On Wed, Jan 06, 2021 at 10:20:00AM -0600, David Wright wrote: > User's DISPLAY not revealed > > After su DISPLAY=:0.0 > > (exit) > > User's DISPLAY not revealed > > After su - DISPLAY=:0
Well, that's pretty clear evidence that they're hard-coding the equivalent of "export DISPLAY=:0" in one of the dot-files that "su -" reads but which "su" does not. The obvious candidate would be /root/.profile but there are many other possibilities, up to and including some bizarre pam_env.conf thing. > As I pointed out, these values will both succeed in pointing to the > same actual display (though I only tested that they both work on my > own display, called ":0"). But they are textually "DIFFERENT", so > they can't both be copied from the user's (unrevealed) value. Yup.
