hawaii
Posts: 1,030 | Thanked: 792 times | Joined on Jun 2009
#258
Yes, in principle more layers of security (albeit this is slightly above obscurity) are better to deter an attack. However, given the specific issue at hand, it is almost irrelevant. I dare say, you could go as far as to disable an interactive login and drop the user to a suid shell right off the bat.

A specific set list of events has to occur for any single user to be able to get to that shell - and the risk of that is so low, there's almost no reason to mitigate against it, while increasing the possibility of alienation to regular users.
 
