It is never configured to do so, gdm doesn't ask for a root password (there is
no gdm configuration for this).  PAM and userhelper may, but gdm won't.  I think
it's overly anal to ask for a password for reboot or shutdown on a local console
as the user could just unplug the machine with much worse consequences.  If it's
some sort of kiosk, then I'd recommend not having the actions menu.

# The Actions in the Actions menu require the root password
SecureSystemMenu=true

but the logout-prompt on gnome does not ("restart" and "shutdown"). AIUI the
options are from gdm..

I admit that if the actions-menu is visible then it probably is on a local
console and the direct reboot/shutdown is convenient. But, they shouldn't be
visible on the logout-prompt if SystemMenu=false, but that is bug #149910

oh, f*ck.. This is a Debian-specific change, just that it isn't made properly.

*** Bug 309627 has been marked as a duplicate of this bug. ***