In my case, part of it is that sudo is an extra installation for me on Gentoo, while su is part of the base system on any Linux. Given that all nontrivial software has bugs, every unneeded package you install adds very slightly to your security risk.

In terms of security, sudo is better in the environment for which it is intended: a system with multiple human users that has a dedicated sysadmin who curates /etc/sudoers and makes sure that no user has more permissions than they absolutely need. However, only a small fraction of all machines running Linux meet those criteria. On the typical home system that’s using some distro’s default sudo-with-user-passwords setup, you can get root authority with only one password, whereas with su you need the passwords for both a wheel account and the root account. That isn’t much added security, but every little bit helps. On the other hand, sudo can be set to require you to enter your password again after a period of time, while su will allow a root session to hang on unto infinity, which may matter if untrusted Linux-savvy people have physical access to your machine (I don’t have that issue).

In other words, the benefits are real but minor and situational.

(None of this holds if you’ve done something really stupid in your configuration, like always starting an SSH server that allows both password login and direct root login when the system comes up. Always follow current best practice—in this case, certificate login only, and no direct root login—when setting up something that can be accessed over the network.)

(Some people claim that sudo has stopped them from unintentionally running a command as root. I just assume any console I’m using has root privileges and I shouldn’t run dodgy commands in it to begin with.)