A few feature comments and question

[nuclear_eclipse]

They have, which is what the 'founder' tag is set for in a user's profile. Only founders can edit the permissions and status of other founders. That is unless I misunderstood what I read (somewhere, don't remember).

[gutterballk7]

In your response to TwistedWeather's post... yes, they do have that founder status. Only founders can edit other founders.

However, my question revolves around the fact that a user should not be able to grant more powers than he/she already has - any "admin" given permission to edit groups for users could easily give his/herself more power.

I guess, if you want someone to be able to edit groups, maybe it's just better to make them a group leader for that group? Er... I don't know how they would manage that group without the ACP but... yeah.

I'm just saying, if you want a lower-level admin that could put people in a moderator group, he/she could easily give him/herself admin powers by editing his/her own group. Furthermore, even with the ability to grant admin permissions, then the user can give more permissions to his/herself. In general, no user should be able to make a user more powerful than what he/she currently is.

[nuclear_eclipse]

I think the real point here is that if you are worried about a user giving themselves more power, they really shouldn't be part of your admin team. Do you really someone to be in charge of your system and its users if you can't even trust them to obey your limits?

[gutterballk7]

I think the real point here is that if you are worried about a user giving themselves more power, they really shouldn't be part of your admin team. Do you really someone to be in charge of your system and its users if you can't even trust them to obey your limits?

That is definately true, and I have thought of that same theory myself. However, an interesting story I have. The site I am an administrator on - well, I basically came out of nowhere, and within 2 months, I was an admin with the server password. Why? Because I apparently had good intentions and the admin trusted a person he didn't know.... and we kinda continued doing that. I could have been some internet "wacko" that just wanted to destroy.

Yes, you should be able to trust your admins to be better than that. But who says one can't go corrupt one day? For now, we will run off of trust, but it is just an idea.

[Lastof]

If they didn't have access to (individual user) permissions you could specifically set certain permissions as "No", hence preventing them from using such options even if they have the permission set to yes elsewhere.

However, this is still setting permissions for your admins individually, which isn't an optimal soultion. But I can't think of another method.

[Martin Blank]

I think the real point here is that if you are worried about a user giving themselves more power, they really shouldn't be part of your admin team. Do you really someone to be in charge of your system and its users if you can't even trust them to obey your limits?

I do trust my admins, but gutterballk7 does raise a good point. No one should be able to escalate permissions to a higher level than themselves. This is a tenet of good system design.

Perhaps there should be another permission set only for groups which determines whether users who are not admins of that specific group should be able to edit the memberships. This way, the board owner could designate the Administrators group as editable only by himself, or by whomever is marked as a group admin. It could even be hard-coded for that particular group, though I can see where it would be useful in groups that are provided moderating powers as well.

[EXreaction]

Ok...I was just playing around with this myself...and the only way for an admin to give himself more admin permissions is if you set Can alter admin permissions to yes...thats the only way they can do it...it should be that a person can only edit a permission level lower than their own(founder-admin, admin-mod, mod-user)...OR atleast give a major warning when someone tries to set it so they can alter their own permissions at that level.

We need someone in here that works on it...they definatly need to do something with this...

[Martin Blank]

Did you try having someone with group-altering permissions but not in the Admins group add himself to the Administrators group?

[Lastof]

It's definatly possible via groups.

I agree that there should be a setting on groups that either makes it so that only the group leaders of that group, or maybe that only the group leader and/or founders can change who is in the group.

[Graham]

You do realise that what you are suggesting is already possible - admin permissions are granular so if you don't want anyone other than the group leader(s) altering the membership of groups you just don't give people admin access to the groups and just make them leader of the groups you want them to manage. Remember a group can have more than one leader....