The wheel group exists for a critical purpose and Wikipedia has a concise definition:
In computing, the term wheel refers to a user account with a wheel bit, a system setting that provides additional special system privileges that empower a user to execute restricted commands that ordinary user accounts cannot access. The term is derived from the slang phrase big wheel, referring to a person with great power or influence.
On Red Hat systems (including Fedora), the default
sudo configuration allows users in the wheel group to use sudo while all others are restricted from using it in
## Allows people in group wheel to run all commands %wheel ALL=(ALL) ALL
su command can be used by all users by default (which is something I often forget). Fixing it is easy once you take a look at
# Uncomment the following line to require a user to be in the "wheel" group. #auth required pam_wheel.so use_uid
Uncomment the line and access to
su will only be available for users in the wheel group.