Reminds me of an assignment I had at uni to implement sudo in C. You get elevated permissions using the setuid bit, and can verify the password of $USER against /etc/passwd.