How to restrict su command root in linux

(Not Recommended for some reasons) 

Open a console or terminal and type :

Remember the current file mode bits and restrictions for su binary:
# ls -la /bin/su
-rwxr-xr-x 1 root root 24284 Apr 28 2007 /bin/su

Noticed that su binary is world executable and world readable. This basically means anybody can call and execute the su binary and gain access to perhaps stolen password with bash-enabled user accounts. If you wish to change this, you can issue the following command as follows:
# chmod 700 /bin/su

So, only root and root alone can call su binary command.

Note that, it is not advisable to do this if your su binary is set to suid root, that has similar attributes like below:
-rwsr-xr-x 1 root root 27052 2007-08-02 18:33 /bin/su

as it could affect some apps and package that links to suit root-ted su binary.