Where the potential security problem is caused by giving unauthorized persons physical access to the machine, where this might allow them to perform things that they shouldn't be able to do.
A good example of this would be a public workstation room where it would be trivial for a user to reboot a machine into single-user mode and muck around with the workstation filestore, if precautions are not taken.
Another example of this is the need to restrict access to confidential backup tapes, which may (otherwise) be read by any user with access to the tapes and a tape drive, whether they are meant to have permission or not.
[From the FAQs of comp.security.unix]