It is too easy to point this at your foot and pull the trigger. Maybe we can add an admission controller or webhook to reject the update? Or perhaps an RBAC webhook to only allow the addon-manager username through?
http://kubernetes.io/docs/admin/admission-controllers/#how-do-i-turn-on-an-admission-control-plug-in, http://kubernetes.io/docs/admin/authorization/, #34348
I don't anticipate a hard-coded kube-system authorizer. I think the general solution is to run with authorization on and do day-to-day tasks in namespaces other than kube-system.
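
The admission webhook idea from the first comment, as an added example (not code from this thread or from Kubernetes): the decision function for an `admission.k8s.io/v1` AdmissionReview that rejects UPDATE requests in kube-system unless the authenticated username is the addon-manager's. The username constant is a placeholder because the thread does not give it, and the sample request in `main` is constructed.

```go
package main

import (
	"encoding/json"
	"fmt"
)

// Assumption: placeholder, the thread does not give the addon-manager's username.
const allowedUser = "addon-manager-placeholder"

// Only the admission.k8s.io/v1 AdmissionReview fields this check reads or writes.
type review struct {
	APIVersion string    `json:"apiVersion"`
	Kind       string    `json:"kind"`
	Request    *request  `json:"request,omitempty"`
	Response   *response `json:"response,omitempty"`
}
type request struct { // keys uid, namespace, operation, userInfo.username match case-insensitively
	UID, Namespace, Operation string
	UserInfo                  struct{ Username string }
}
type response struct {
	UID     string            `json:"uid"`
	Allowed bool              `json:"allowed"`
	Status  map[string]string `json:"status,omitempty"`
}

// Decide rejects UPDATEs in kube-system unless they come from allowedUser.
func Decide(body []byte) (*review, error) {
	var in review
	if err := json.Unmarshal(body, &in); err != nil {
		return nil, err
	}
	if in.Request == nil || in.Request.UID == "" {
		return nil, fmt.Errorf("AdmissionReview has no request") // caller should fail closed
	}
	r := in.Request
	out := &response{UID: r.UID, Allowed: true}
	if r.Namespace == "kube-system" && r.Operation == "UPDATE" && r.UserInfo.Username != allowedUser {
		out.Allowed = false
		out.Status = map[string]string{"message": fmt.Sprintf("user %q may not update objects in kube-system", r.UserInfo.Username)}
	}
	return &review{APIVersion: in.APIVersion, Kind: in.Kind, Response: out}, nil
}

func main() { // constructed sample: a non-addon-manager user updating an object in kube-system
	out, _ := Decide([]byte(`{"apiVersion":"admission.k8s.io/v1","kind":"AdmissionReview","request":{"uid":"u-1","namespace":"kube-system","operation":"UPDATE","userInfo":{"username":"alice"}}}`))
	b, _ := json.Marshal(out)
	fmt.Println(string(b))
}
```

A webhook like this is registered for specific resources in its ValidatingWebhookConfiguration rules; which resources the thread has in mind is not stated here.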