It *would* be safer to use neither su nor sudo, and only have root log
in on a separate, secure console, thereby eliminating the possibility of
password sniffing from a compromised regular account. However, few
desktop Linux users actually run their computers this way.