Direct copy from an answer to my question posed on Ask Ubuntu ... this sounds technically correct, but I question the wisdom
It is a design feature that since 16.04 you no longer need root
privileges to shut down or reboot the system through any method. Instead,
systemd and its systemctl tool accept those commands from regular users.
All related commands like shutdown, reboot, halt, poweroff are symbolic links ("symlinks") to /bin/systemctl, and init is now a symlink to /lib/systemd/systemd, by the way. You can verify this using the command file $(which COMMAND), replacing "COMMAND" with the one you want to check.
A standard desktop user is also able to execute these commands with sudo.
The good news is that if another user is logged in, the commands won't work without sudo.
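
The symlink check the quoted answer describes can be scripted for all four power commands at once. This is an added example, not part of the original post or the Ask Ubuntu answer; the function names and the temporary sandbox directory are assumptions made so that it runs on any machine.

```shell
#!/bin/sh
# Classify one command path. Prints one of:
#   symlink-to-systemctl, other-symlink, regular-file, missing
classify_cmd() {
    path=$1
    if [ -L "$path" ]; then
        # Follow the whole symlink chain and look at the final file name.
        target=$(readlink -f "$path" 2>/dev/null)
        case "${target##*/}" in
            systemctl) echo "symlink-to-systemctl" ;;
            *)         echo "other-symlink" ;;
        esac
    elif [ -e "$path" ]; then
        echo "regular-file"
    else
        echo "missing"
    fi
}

# Audit the four commands named in the post inside directory $1.
# Prints one line per command; the return status is the number of
# commands that are NOT symlinks resolving to systemctl.
audit_power_cmds() {
    dir=$1
    bad=0
    for cmd in shutdown reboot halt poweroff; do
        state=$(classify_cmd "$dir/$cmd")
        printf '%-9s %s\n' "$cmd" "$state"
        [ "$state" = "symlink-to-systemctl" ] || bad=$((bad + 1))
    done
    return "$bad"
}

# Constructed sandbox standing in for the real command directory.
make_sandbox() {
    sb=$(mktemp -d)
    : > "$sb/systemctl"
    for cmd in shutdown reboot halt; do ln -s systemctl "$sb/$cmd"; done
    : > "$sb/poweroff"   # constructed deviation: plain file, not a symlink
    echo "$sb"
}

# On a real system, pass the directory that `which shutdown` reports,
# e.g.: audit_power_cmds "$(dirname "$(which shutdown)")"
```

A non-zero status means at least one of the commands is not handled by systemctl on that machine, so the behaviour described in the quoted answer may not apply to it.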