4.4.3. Limiting Root Access
Rather than completely deny access to the root user, the administrator may want to allow access only via setuid programs, such as su or sudo.