I believe your concerns are already address by the fact that the additional capability that the user gains is done using RBAC profiles.
It will be the subject of other cases what actions are actually provided in the default configuration. This case is just about the infrastructure. It will also be upto individual distributions what profiles they have configured that are assigned using this mechanism. Because this is done using RBAC the local admin gets to change or augment the default policy of the distribution. Most of the initial things that will use this mechanism are already granted to the user on the system console anyway - the ability to shutdown, suspend and provide WiFi keys. This case isn't about changing that but about providing a single place to control this for the developer and more importantly making it visible and under the RBAC umbrella for the admin. Hope that helps your concerns. -- Darren J Moffat
