Permissions Lock | drupal.org

This module provides the ability to have more fine-grained control over what users with the permission 'administer permissions' can configure. You can decide which user roles will see a limited permissions table at admin/user/permissions, and who has unrestricted access to it. The modules allows you to lock certain permissions and / or certain roles. This means that these permissions / roles will not be available for configuration to a user with limited permission configuration rights.

This module could be useful if you want to allow a client to control website permissions for relatively harmless things like posting comments, creating content, administering taxonomy etc..., but you don't want the client to have the opportunity to change permissions for things like Views, content types, themes, ...