As far as I can see the privilege to grant/revoke permissions/roles is transitive. This means that if an account has a certain permission/role they can grant/revoke this permission to any other account. I don't think this is a correct model for permissioned system.
As far as I can see the privilege to grant/revoke permissions/roles is transitive. This means that if an account has a certain permission/role they can grant/revoke this permission to any other account. I don't think this is a correct model for permissioned system.