
Avoid setuid if a group does the trick

Here's a typical problem you're faced with when you design a desktop Linux distribution. Of course, you want to give the desktop user sitting in front of a machine access to all the hardware attached to it, like CDROMs, video cameras, audio equipment, etc. All of these are accessible through device files, and in order to access them, the user must be permitted to open these devices.

The first approach is to make all applications that need to deal with these devices setuid. This is clearly your ticket to hell; but some distributions chose that path nevertheless.

Another approach is to "give" all these devices to the user when he logs in on the console, and to "take" them away from him when he logs out. This is the approach RedHat's pam_console implements, and the one Caldera takes by using the TakeConsole and GiveConsole scripts supported by kdm.

A third, equivalent approach is to put all these devices into a group named console, and add this group to the user's list of supplementary groups when he logs in.

Whichever of those two you choose probably depends on various other factors, but from a security perspective they're both much better than the setuid approach.
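An audit script for the console-group model described above, added here as an example; it is not part of Kirch's paper or of any distribution's tooling. It assumes the group is called "console" (override via the environment) and that device nodes should be mode 0660 with no world bits; it also lists setuid binaries, the approach the text advises against.

```shell
#!/bin/sh
# Added example (not from the paper): audit device nodes for the
# "console group" model (group "console", mode 0660, no world bits)
# and list setuid binaries, each of which is a candidate for the
# group approach instead. Group name and paths are assumptions.
CONSOLE_GROUP="${CONSOLE_GROUP:-console}"

# Print "<octal mode> <group name>" for a file (GNU stat, else BSD stat).
file_mode_group() {
    stat -c '%a %G' "$1" 2>/dev/null || stat -f '%Lp %Sg' "$1"
}

# Check one node. Exit 0 if it fits the console-group model,
# 1 otherwise, printing the reason on stdout.
check_device() {
    dev="$1"
    set -- $(file_mode_group "$dev")   # $1 = mode, $2 = group
    mode="$1"; grp="$2"
    prefix="${mode%?}"
    world="${mode#$prefix}"            # last octal digit = world bits
    if [ "$world" != 0 ]; then
        echo "$dev: world-accessible (mode $mode)"; return 1
    fi
    if [ "$grp" != "$CONSOLE_GROUP" ]; then
        echo "$dev: group is $grp, expected $CONSOLE_GROUP"; return 1
    fi
    case "$mode" in
        660|0660) return 0 ;;
        *) echo "$dev: mode $mode, expected 660"; return 1 ;;
    esac
}

# Check every node in a directory; exit status is the number of
# non-conforming nodes (capped at 255 to fit an exit status).
audit_devices() {
    bad=0
    for f in "$1"/*; do
        [ -e "$f" ] || continue
        check_device "$f" || bad=$((bad + 1))
    done
    echo "$bad non-conforming node(s) in $1"
    [ "$bad" -gt 255 ] && bad=255
    return "$bad"
}

# List setuid files under a directory.
find_setuid() {
    find "$1" -type f -perm -4000 2>/dev/null
}

# Usage: audit_devices /dev; find_setuid /usr/bin
```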


Olaf Kirch 2002-01-16