Yes, X runs as root, as many servers do. It is important to secure the X display to deny unauthorized access.
When I type in the same, here is my line:
root 15142 15.0 2.2 286108 22880 ? SL 14:16 0:26 X :0 -auth /home/jims/.Xauthority -nolisten tcp -nolisten tcp
You may have a security risk, because your X server may not be secured.
Here are a couple articles on using Xauth to secure your X display.
http://www.acm.uiuc.edu/workshops/cool_unix/xauth.html
http://www.die.net/doc/linux/man/man7/xsecurity.7.html
Here is a quick reference guide on Linux Security (cheat sheet ) that you may find informative:
http://linuxsecurity.com/docs/