
Everything except /home is on the root filesystem. I've never seen the point in loads of mountpoints.



It's a legacy thing from running UNIX machines with smallish hard drives. A rogue process's log file could fill the root volume and prevent logins to the system. That's why /var/log or /var was on its own mountpoint/partition. It was much more of a UNIX sysadmin thing than a LINUX sysadmin thing, as EXT2 reserved space for root to do things.


Historical reasons aside, some operating systems (like OpenBSD) are designed to be able to implement different security policies by filesystem. For example, you could mark a given filesystem as executable or non-executable, adding yet another layer of security (at least policy-wise) to a system. And really, with things like LVM and btrfs, there's little reason why this is a bad idea anymore, since expanding subvolumes/LVs is generally trivial.


You can do that in Linux by bind mounting a folder to itself with the more secure options. I have a couple systems where I do this to have directories noexec, nosuid, etc. Kinda hackish but useful.
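An added example (not from any commenter) of the audit a defender would run before applying the bind-mount trick above: it reads a mount table in /proc/self/mounts format, reports which of nosuid/nodev/noexec a mount point lacks, and prints the bind-then-remount commands that would add them. The mount table here is a constructed sample written to a temp file so the script runs without root; point the functions at /proc/self/mounts on a real host.

```shell
#!/bin/sh
# Constructed sample of /proc/self/mounts lines (not from a real host).
SAMPLE_FILE=$(mktemp)
cat >"$SAMPLE_FILE" <<'EOF'
/dev/sda1 / ext4 rw,relatime 0 0
/dev/sda1 /var/log ext4 rw,nosuid,nodev,noexec,relatime 0 0
tmpfs /tmp tmpfs rw,nosuid,nodev,relatime 0 0
/dev/mapper/vg0-home /home ext4 rw,relatime 0 0
EOF

# mount_opts MOUNTPOINT [FILE]: print the option field (4th column) for
# MOUNTPOINT. FILE defaults to /proc/self/mounts. Fails if not mounted.
mount_opts() {
  awk -v mp="$1" '$2 == mp { print $4; found = 1 } END { exit !found }' \
    "${2:-/proc/self/mounts}"
}

# missing_opts MOUNTPOINT [FILE]: print the hardening options not set on
# MOUNTPOINT, space separated; empty output means all three are present.
missing_opts() {
  opts=$(mount_opts "$1" "$2") || { echo "not-mounted"; return 1; }
  missing=""
  for want in nosuid nodev noexec; do
    case ",$opts," in
      *",$want,"*) ;;                                   # already set
      *) missing="${missing:+$missing }$want" ;;        # record the gap
    esac
  done
  echo "$missing"
}

# bind_fix MOUNTPOINT [FILE]: print (do not run) the "bind a directory to
# itself, then remount with stricter flags" commands. The remount lists
# all three flags, since a remount,bind replaces the per-mount flag set.
# Prints nothing when the mount point already has them all.
bind_fix() {
  miss=$(missing_opts "$1" "$2") || return 1
  [ -n "$miss" ] || return 0
  printf 'mount --bind %s %s\n' "$1" "$1"
  printf 'mount -o remount,bind,nosuid,nodev,noexec %s\n' "$1"
}
```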


Have you never used more than one disk in a machine? Locked out of a machine because /var/log is full?


More than one disk -> LVM

And no, only /tmp has reached capacity for me when building large packages with Arch's makepkg.



