>> I don't know if you can disable su - > > Sure: usermod -L root. Before you do that, you need to have a user in > /etc/sudoers that has root equivalence. Ubuntu does this by default. I believe putting 'root' into /etc/pam.d/su will make it so that no one can su to root. Barry