True, but if you type "su" instead of "/bin/su", then you're vulnerable to shell aliases or changed PATH variables. These might be noticed before they lead to disaster -- but what if the attacker has changed your login shell to a hacked version that masquerades as the real thing?
Or the attacker could run a program from your account that takes over the entire screen and looks just like your display manager or "login" prompt. It will let anyone log in normally, but not before snagging a password and setting up logging for all keystrokes.
When security is of the utmost importance, any user account must be treated as a major risk. You should su or sudo rarely, and from a special, tightly-controlled account, and you should monitor all logs and accounts for suspicious activities.
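A small PATH audit in POSIX sh, added here as an example and not part of the thread: it checks that a command name such as su resolves to the intended binary and flags PATH entries where a user-level account could plant a look-alike. The function names, the temporary directory layout and the fake su are constructed for the demo.

```shell
#!/bin/sh
# Added example (not from the thread): audit how a command name such as "su"
# resolves through PATH and which PATH entries an unprivileged user could use
# to shadow it. All names and the demo layout below are constructed.

# Print the first executable named $1 along the colon-separated PATH string $2
# (empty or "." entries mean the current directory). Returns 1 if none match.
resolve_in_path() {
    name=$1; rest=$2:
    while [ -n "$rest" ]; do
        dir=${rest%%:*}; rest=${rest#*:}
        [ -z "$dir" ] && dir=.
        if [ -f "$dir/$name" ] && [ -x "$dir/$name" ]; then
            printf '%s\n' "$dir/$name"; return 0
        fi
    done
    return 1
}

# Print PATH entries that let an unprivileged user plant a look-alike binary:
# current-directory entries, relative directories and directories writable by
# "other". Returns 0 when the PATH looks clean, 1 otherwise.
weak_path_entries() {
    rest=$1:; weak=0
    while [ -n "$rest" ]; do
        dir=${rest%%:*}; rest=${rest#*:}
        case $dir in
            ""|.) printf 'cwd entry: "%s"\n' "$dir"; weak=1 ;;
            /*)   if [ -d "$dir" ] && [ -n "$(find "$dir" -prune -perm -0002)" ]; then
                      printf 'world-writable: %s\n' "$dir"; weak=1
                  fi ;;
            *)    printf 'relative entry: %s\n' "$dir"; weak=1 ;;
        esac
    done
    return $weak
}

# Report whether command $1 resolves to the expected absolute path $2 under
# PATH $3. Returns 0 only when the real binary wins the lookup.
check_command() {
    got=$(resolve_in_path "$1" "$3") || got='(not found)'
    [ "$got" = "$2" ] && { printf 'OK: %s -> %s\n' "$1" "$got"; return 0; }
    printf 'SHADOWED: %s -> %s (expected %s)\n' "$1" "$got" "$2"; return 1
}

# Constructed demo: a fake "su" in a directory that precedes the real one in
# PATH wins the lookup. Real audit: check_command su /bin/su "$PATH".
demo() {
    tmp=$(mktemp -d) || return 1
    mkdir -p "$tmp/real" "$tmp/evil"
    for d in real evil; do printf '#!/bin/sh\n' > "$tmp/$d/su"; chmod 755 "$tmp/$d/su"; done
    check_command su "$tmp/real/su" "$tmp/evil:$tmp/real" || :   # prints SHADOWED
    weak_path_entries ".:$tmp/evil:$tmp/real" || :                # flags the "." entry
    rm -rf "$tmp"
}
demo || true
```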
Thanks, I was just about to say that myself. :)
There are MANY, very easy ways to sniff a password with user-level access. If a cracker ever has access to a user account when you su or sudo from it, he gets root access on your machine (unless he's stupid).
Michael

