HAM uses /etc/sudoers.d/hildon-application-manager.sudoers, which allows passwordless sudo for apt-worker (as well as for hildon-application-manager-util to handle repositories). So no setuid here. If you force a password then I suppose HAM will just stop working because sudo will ask for a password without having a terminal for I/O. I suppose we could install some sort of graphical sudo ("gksudo" or whatever) and patch HAM to use it instead of "sudo apt-worker".
Yup. Alternatively, "one" could implement a drop-in replacement for sudo which offers a graphical front-end if X is running. I would even go as far as configuring it with a different /etc/sudoers (like /etc/sudoers.mine) to prevent packages randomly adding themselves without asking. I know, this is Maemo, which is like the wild west ... but you know, this is Maemo, the user must have absolute control over the system.
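
An added example, not part of the thread or of HAM's own code: a Python audit that lists which commands the drop-in files under /etc/sudoers.d grant without a password, so entries that packages have added for themselves can be reviewed. The sample rule, the user name and the binary paths are constructed assumptions; the parser assumes plain user specifications without escaped commas and reads every regular file in the directory.

```python
import os
import re

TAG = re.compile(r"^(NOPASSWD|PASSWD|NOEXEC|EXEC|SETENV|NOSETENV):\s*")
RUNAS = re.compile(r"^\([^)]*\)\s*")
SKIP = re.compile(r"^(Defaults|User_Alias|Runas_Alias|Host_Alias|Cmnd_Alias)\b")

# Constructed sample; user name and paths are assumptions, not the real file.
SAMPLE = """\
user ALL = NOPASSWD: /usr/libexec/apt-worker, \\
           /usr/bin/hildon-application-manager-util
user ALL = (root) PASSWD: /usr/bin/example-tool
"""

def nopasswd_rules(text):
    """Return (who, command) pairs that sudo runs without asking for a password."""
    found = []
    # Join backslash-continued lines; skip comments, Defaults, aliases, non-rules.
    for line in map(str.strip, text.replace("\\\n", " ").splitlines()):
        if line.startswith("#") or SKIP.match(line) or line.find("=") < 1:
            continue
        lhs, _, rhs = line.partition("=")
        passwordless = False  # a tag stays in effect for later list items
        for item in rhs.split(","):
            item = item.strip()
            while True:  # peel "(runas)" and "TAG:" prefixes off the command
                item = RUNAS.sub("", item)
                m = TAG.match(item)
                if not m:
                    break
                if m.group(1) in ("NOPASSWD", "PASSWD"):
                    passwordless = m.group(1) == "NOPASSWD"
                item = item[m.end():]
            if passwordless and item:
                found.append((lhs.split()[0], item))
    return found

def audit_dir(path="/etc/sudoers.d"):
    """Map each drop-in file name to its passwordless rules."""
    report = {}
    for name in sorted(os.listdir(path)):
        full = os.path.join(path, name)
        if os.path.isfile(full):
            with open(full, errors="replace") as fh:
                rules = nopasswd_rules(fh.read())
            if rules:
                report[name] = rules
    return report

print(nopasswd_rules(SAMPLE))
```

Calling `audit_dir()` as root on the device gives the per-file view; diffing its output before and after a package install shows whether the package added a rule.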