In 3.0.0:
Staff that could not edit their own accounts in the xul client can edit their own accounts in the web client.
Privilege escalation via profile is still prevented, at least. It looks like it's just a UI check in the XUL client that disables the Save button if the user being edited is the same person logged into the client.
Fixed for 3.3 per https://bugs.launchpad.net/evergreen/+bug/1842940
Bug watches keep track of this bug in other bug trackers.
Privilege escalation via profile is still prevented, at least. It looks like it's just a UI check in the XUL client that disables the Save button if the user being edited is the same person logged into the client.