gdm and sudo question

[Xan]

Hi,

I observe that in gdm.conf there are the lines:

# Reboot, Halt and suspend commands, you can add different commands
# separated by a semicolon and gdm will use the first one it can find
RebootCommand=/sbin/shutdown -r now "Rebooted from gdm menu."
HaltCommand=/sbin/shutdown -h now "Halted from gdm menu."
SuspendCommand=/usr/sbin/pmi action sleep
HibernateCommand=/usr/sbin/pmi action hibernate

and I asked if this should be substituted by "sudo [command]" and put gdm in 
sudoers file that "only" could shutdown the system (perhaps a good solution 
was add a group called "shutdowners" and add gdm to that group).

I ask that because ubuntu has a "secure policy" that root account is disable 
by default and "only" root should could shutdown, isn't?

What do you think about that?. I ask you with the best intention, as a desktop 
user that follow ubuntu movement.

Thank you very much,
Xan.

PS: For the other hand, a trouble (this is not important; I'm sure it's 
trivial):

My sudoers file (that is default file) is:
Defaults        !lecture,tty_tickets,!fqdn

# User privilege specification
root    ALL=(ALL) ALL

# Members of the admin group may gain root privileges
%admin  ALL=(ALL) ALL
~

and groups is:

root:x:0:
daemon:x:1:
bin:x:2:
sys:x:3:
adm:x:4:xan
tty:x:5:
disk:x:6:
lp:x:7:cupsys
mail:x:8:
news:x:9:
uucp:x:10:
man:x:12:
proxy:x:13:
kmem:x:15:
dialout:x:20:xan,cupsys
fax:x:21:
voice:x:22:
cdrom:x:24:xan,hal
floppy:x:25:xan,hal
tape:x:26:
sudo:x:27:
audio:x:29:xan
dip:x:30:xan
www-data:x:33:
backup:x:34:
operator:x:37:
list:x:38:
irc:x:39:
src:x:40:
gnats:x:41:
shadow:x:42:
utmp:x:43:
video:x:44:xan
sasl:x:45:
plugdev:x:46:xan,hal
staff:x:50:
games:x:60:
users:x:100:
nogroup:x:65534:
crontab:x:101:
ssh:x:102:
postfix:x:103:
postdrop:x:104:
syslog:x:105:
klog:x:106:
xan:x:1000:
lpadmin:x:107:xan
scanner:x:108:xan
admin:x:109:xan
messagebus:x:110:
hal:x:111:
slocate:x:112:
saned:x:113:
gdm:x:114:


gdm not belongs to admin. So why it can shutdown my system?