"Wes Shull" <wes.shull(a)gmail.com> writes:
With the login->su path you at least get an audit trail that tells
you
who(se account) was running as root...
Audit isn't security and in this case doesn't buy you anything (the
interesting trace would be the remote IP and possibly TCP port and/or
ident username in both cases, the local non-root user name doesn't
matter).
Using "su root" essentially means the user account (not necessarily
the human user, just the account) has root privileges. I think most
beginners aren't aware of this.
--
Krzysztof Halasa