[rsbac] passwd

[Bencsath Boldizsar]

What about a new RC FD type "nonroot exec" for the program passwd, It
cannot be run by "system_admin" but can be run by some other role (e.g.
general user, as it asks for password (system_admin should not be
compatbile with that) ), and get root a way to change to this other role
(wrapper).
This way it is o.k. not only for root, but for users and the new role can
be used to solve other problems, too.
boldizsar