I have a regular user using USS under z/OS and they can switch to a Superuser logonid without knowing the password, or even a STC logonid. What is checked when a user switches to another user using the SU command in USS?