Sp4x Posted June 12, 2019
At the moment it is possible that a moderator can also edit users. This is fine, but it should not be possible for a moderator to edit an administrator profile. I think this is a security issue. Of course you should only give moderator status to someone you trust, but it can still be abused! It would be really nice if you could ban this for moderators. Or is there already such a feature? And I just didn't find it?
ahc Posted June 12, 2019
The only way they'd be able to edit an administrator profile is if they are listed as an administrator. ACP > Members > Administrators > Edit the group you want to change permissions for > Systems tab > Members > Uncheck "Can edit admin accounts."
bfarber Posted June 12, 2019
@Alismora that option is present to prevent administrators from editing administrator accounts (i.e. demoting the main site administrator to a regular member). @Sp4x from a moderation perspective on the front end, we generally don't consider "administrators" to be anything special. The moderators can only edit generic profile information, i.e. they cannot demote the administrator to a different group or change their email address. This is not unintended and the harm the moderator can do is essentially limited to adjusting your custom profile fields and changing your birthday, which really isn't a concern (nor a security issue). Similarly, moderators can delete administrator topics or posts if you give them moderator permission to delete topics or posts.
ahc Posted June 14, 2019
@bfarber I am aware. I gave directions in the event the groups were listed under both moderators and administrators. As you said, normal moderator editing permissions are not advanced enough to cause any real harm to an administrator's account otherwise.
Archived
This topic is now archived and is closed to further replies.