I saw this statement at the end of this answer:

PS: I have no idea why rfkill works when run as an unprivileged user. On my Mint, it doesn't have a setuid or setgid bit.

I was curious, and looked on my Arch system. Here's what sudo and rfkill look like on my system. File sizes and dates have been omitted. It looks like there's no setuid bit on rfkill (there is one on sudo, for comparison).

$ /usr/bin/env ls -lah $(which sudo) $(which rfkill)
-rwxr-xr-x 1 root root [OMITTED] /sbin/rfkill
-rwsr-xr-x 1 root root [OMITTED] /sbin/sudo

Interestingly, running rfkill to disable & enable wireless access works as described here, even though I'm running rfkill from my account (i.e., not as root and not with sudo or similar).

How does rfkill not require root, as typically commands that enable/disable hardware need to be ran with root privileges?