Likewise su should not screw with PATH
Likewise this functionality from su is misguided:
The current environment is passed to the new shell. The
value of $PATH is reset to /bin:/usr/bin for normal users,
or /sbin:/bin:/usr/sbin:/usr/bin for the super user. This
may be changed with the ENV_PATH and ENV_SUPATH defini-
tions in /etc/login.defs.
This path should be
for both root and normal users.
There is no security rationale for making root's life more difficult by making
it more awkward to run binaries installed locally -- binaries installed in
/usr/local by the administrator are no more or less secure than binaries
installed by the distribution. And none for making life more difficult by
making all of X more awkward for root to use -- especially as more and more
administrative functions use or require X.
Nor is there any rationale for making life more difficult when suing to other
users by making it more awkward to use programs /sbin or /usr/sbin such as
traceroute, lsmod, ifconfig.
The only rationale might be that in the case of a network outage where /usr
might be network mounted you might want to have PATH be entirely local.
However in that case it should be /bin:/sbin, and in that case you're probably
not using su to gain access anyways.