As an application developer, we highly recommend that you
declare all your Apex controllers “with sharing” in order to ensure that you’re
respecting the sharing rules configured by an org administrator. However, there
are legitimate use cases where a controller must run in system context (without
sharing).
You should provide an org administrator the ability to explicitly
approve such behavior to avoid leakage of data to unauthorized users. Details
on implementing such functionality can be found in the following discussion
board post: http://community.salesforce.com/t5/Security/Bypassing-org-sharing-rules-in-Apex-with-org-admin-approval/td-p/194231
-Varun Badhwar