Yes, there is a way to restrict this behaviour. This behaviour of su is governed by the PAM module (Plugable Authentication Module):
You must edit /etc/pam.d/su
comment the line :
auth       sufficient pam_rootok.so
like this:
#auth       sufficient pam_rootok.so
after that su from root will ask for the user password.

Click to rate this post!
[Total: 0 Average: 0]