5) Think of security.
Spam Filters for Your Mac: Six Choices
Apple Adds Automation to Aperture
iPhone and Steve Ballmer
Using Vista and Linux on a Mac, Part One
This one really bugs me. Whether it's Adobe creating world-writable folders inside of Safari, Flip4Mac popping Finder windows on machines at the login prompt, or Quark just mangling permissions left and right, it's just bad news. (Please note that these examples are not all current. Don't go writing angry emails without testing in your situation first.)
It not only makes sysadmins hate you, it can, depending on the rules the customer operates under, make your application get banned from that customer's site. Do you really want to quite literally force your customers to not use you? Didn't think so.
So don't be silly with security. Take a little time to check the state of a system after your install process is completed. Along these lines, don't always make people enter a password. Yes, I know, it's to prevent people from installing things they shouldn't, but if their destination is writable by them, (i.e. their home directory if you aren't being inflexible in your installation destinations, this isn't a problem), then the logic behind making them authenticate is pretty weak.
If you have to install things that will run at a higher privilege level than the user doing the install has access to, then yes, authentication is appropriate. But if I'm installing it to /Applications, and I have write permissions to install there, popping an authentication dialog is not "enhancing security, it's just "wasting time." It's also teaching people to blindly enter passwords. That's never good.
I realize that you can't get an ROI on an install, and that install writers get no respect, but a bad installer is like daring your customer to go to your competitor. Is that what you really want?