Petr,
Another point here.. AUTHORIZE.EXE is just another NON-PRIVILEGED program. There's nothing magic about it. All it does is provide a (rather clunky) interface to view or modify a system authorization file SYSUAF.DAT, and some ancilliary files associated with system authentication (RIGHTSLIST, NET*PROXY, etc). Note that any non-privileged user can run AUTHORIZE and use it to create and maintain a private SYSUAF (but, of course, it won't be recognised by the system).
Even if you somehow were able to block the holder of two ALL class privileges from running AUTHORIZE, they would still be able to modify SYSUAF using alternative programs, or even raw DCL. There's no way you can block access to SYSUAF, because, by definition, it's THE file which the system uses to identify users.
The implication of this question is that the user with high privileges is not entirely trusted. If that's the case, the privileges should be removed. Turn this issue on its head. Rather than try to block all potential undesired uses by which privilege could be exploited (an infinite set), work out a way to selectively ALLOW privilege for just those actions which the user is required to perform.
There are numerous mechanisms available, but without a clearer decsription of why they are necessary, it's not possible to recommend how you can achieve it.
A crucible of informative mistakes
