To my understanding all Users belonging to the roles set as CmsAdmins in the web.config can change and edit the "Set Access Rights" list. Is there's workaround for this? I would like admins to have rights to everything else but that and have a "Access Rights"-admin.
I guess you could add a location path in web.config for /EPiServer/CMS/Admin/security.aspx. It will give them the login-screen though.
<allow roles="MySuperDuperAdminRole" />
<deny users="*" />
Thanks a bunch, that will work as a solutions!