Why is root sometimes not in the sudoers file, by default or convention?

0

On many varieties of Linux and Unix, the root user is not allowed to use sudo. Why is this? Is there any security concern with the root ALL=(ALL) ALL present in some other varieties' default sudoers configuration?

Sparr

Posted 2017-09-11T17:42:24.080

Reputation: 911

Answers

2

There are two 'standard' versions of /etc/sudoers used by Linux distros. One follows the principle of least privilege, and does not by default include the line you mentioned. The other prefers usability and ease of maintenance, and includes the line you listed above.

From a practical perspective, outside of very highly constrained environments involving things like SELinux, there is no difference in security between the two versions because root already has all the tools he needs to impersonate other users (either via su, or using any other software capable of calling setuid()).

However, there is an administrative advantage to being able to use sudo -u as root to impersonate other users. Because sudo properly sanitizes the environment and then follows standard shell login procedures, using sudo -u to impersonate a user allows you to more accurately reproduce issues reported by that user than you would be able to with just su, which in turn makes help-desk type work much easier.

Austin Hemmelgarn

Posted 2017-09-11T17:42:24.080

Reputation: 4 345
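An added example, not part of either post above: a small POSIX shell check that tells you which of the two sudoers conventions a given file follows, i.e. whether root has an active user specification. The function name `root_has_sudoers_entry` and the two sample files are constructed for this example; a real system keeps the file at /etc/sudoers.

```shell
#!/bin/sh
# Added example (not from the original post): report whether a sudoers
# file contains an active user specification for root, which is the line
# that distinguishes the "usability" default from the least-privilege one.

# Prints "yes" if the file has an uncommented user spec whose user field is
# the literal user "root" (a "%root" group entry or a Defaults line does
# not count), otherwise prints "no".
root_has_sudoers_entry() {
    file="$1"
    # Drop comments (this also ignores #include/#includedir directives),
    # then look for: optional indent, "root", whitespace, host list, "=".
    if sed 's/#.*//' "$file" \
       | grep -Eq '^[[:space:]]*root[[:space:]]+[^[:space:]]+[[:space:]]*='; then
        echo yes
    else
        echo no
    fi
}

tmpdir=$(mktemp -d)
trap 'rm -rf "$tmpdir"' EXIT

# Constructed sample 1: least-privilege style, root line only as a comment.
cat > "$tmpdir/sudoers.minimal" <<'EOF'
Defaults env_reset
# root ALL=(ALL) ALL
%sudo ALL=(ALL:ALL) ALL
EOF

# Constructed sample 2: usability style, with the line from the question.
cat > "$tmpdir/sudoers.usability" <<'EOF'
Defaults env_reset
root    ALL=(ALL) ALL
%wheel  ALL=(ALL) ALL
EOF

MINIMAL_RESULT=$(root_has_sudoers_entry "$tmpdir/sudoers.minimal")
USABILITY_RESULT=$(root_has_sudoers_entry "$tmpdir/sudoers.usability")
echo "minimal:   root entry present? $MINIMAL_RESULT"     # no
echo "usability: root entry present? $USABILITY_RESULT"   # yes
```

The file check only sees the literal `root` entry; on a live system, `sudo -l -U root` (run as root) reports the effective privileges, including any granted through group entries such as %wheel.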