[PATCH] su: support denying accounts with blank password

Denys Vlasenko vda.linux at googlemail.com
Thu Oct 1 17:39:00 UTC 2015


I tested

$ su --version
su (GNU coreutils) 8.17

and it allows su to root w/o asking for password if it is null.

busybox does the same.

If there is a need to disallow people from logging in as root,
you should set a root password.

If you set the password hash to an invalid hash, you can even make people
unable to ever log in as root - there is no valid password then
(passwd -l does this).
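
An added example, not part of the original message or of busybox: a shell function that classifies the password field of shadow(5)-format lines into the cases discussed above (blank, locked as by passwd -l, a recognizable hash, or some other string no password can match). The function names, state labels and sample entries are constructed for illustration, and the hash-format test is a heuristic.

```shell
#!/bin/sh
# Classify the second field of shadow(5)-format lines read from stdin.
# Prints "user:state" per entry, where state is one of:
#   blank   - empty field: the null-password case from the message
#   locked  - starts with "!" or "*" (passwd -l prefixes "!")
#   hashed  - looks like a crypt(3) hash ($id$... or 13-char DES)
#   invalid - any other string; no password can hash to it
classify_shadow() {
    awk -F: '
        $0 ~ /^[ \t]*$/ || $0 ~ /^[ \t]*#/ { next }   # skip blank/comment lines
        NF < 2 { next }                                # not a shadow entry
        {
            pw = $2
            if (pw == "")
                state = "blank"
            else if (pw ~ /^[!*]/)
                state = "locked"
            else if (pw ~ /^\$[^$]+\$.+/)
                state = "hashed"
            else if (length(pw) == 13 && pw ~ "^[./0-9A-Za-z]+$")
                state = "hashed"
            else
                state = "invalid"
            print $1 ":" state
        }'
}

# Constructed sample entries (not real accounts or real hashes).
sample_shadow() {
    cat <<'EOF'
# constructed sample data
root::16709:0:99999:7:::
daemon:*:16709:0:99999:7:::
alice:$6$CONSTRUCTEDSALT$CONSTRUCTEDHASHVALUE:16709:0:99999:7:::
bob:!$6$CONSTRUCTEDSALT$CONSTRUCTEDHASHVALUE:16709:0:99999:7:::
carol:x:16709:0:99999:7:::
EOF
}

# Demonstration on the constructed sample.
sample_shadow | classify_shadow
```

On a real system the same function can be fed the shadow file by a user allowed to read it, for example `classify_shadow < /etc/shadow`.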

