Restrict the use of su command
su is used to become another user during a login session. Invoked without a username, su defaults to becoming the super user. The user will be prompted for a password, if appropriate. Invalid passwords will produce an error message. All attempts, both valid and invalid, are logged to detect abuses of the system.
By default almost all distro allows to use su command. However you can restrict the use of su command for security reasons.
Both UNIX and Linux have a group called wheel. If user is member of this group she can use su command. We can add user to this group.
How do you prevent non-root users from logging into the system? How do you assign user ftp and mail access only?
Howto prevent non-root users from logging into the system.