Bug
Resolution: Fixed
3.0.B3
This is a really interesting 'security hole', but it can only be exploited under certain circumstances, and since it's not a true code security hole, can be reported here in the bug tracker.
Alright, here is the scenario.
Using a Beta3 install, I created three users:
* Highway of Life
* Group Admin
* Admin Wannabe

Highway of Life is a Founder.
Group Admin was given Admin permissions: "Manage Groups", and that's it.
Admin Wannabe is a regular user.
Logging in as Group Admin, I went to the ACP; the only thing I can perform there is manage groups.
Go to Administrators group > Manage Users.
Added Group Admin and Admin Wannabe to the Administrators group, set as default group and group leader (for both).
Instantly, I (Group Admin) have full Administrator Permissions to do whatever I want!! And now, Admin Wannabe also has Full Administrator permissions, just short of being a complete Founder.
There are several solutions to this problem, but some thought needs to be used, because you could potentially leave another loophole.

1. You could just protect the Administrator group.
2. You could add an extra Users/Groups Permission filter.
3. You could add a radio or pair of checkboxes to "Founder Manage Only" or "Group Leader Manage Only".
I'll have to give this more thought as to the best method of solution.
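
The escalation described in this report, modelled next to a membership check that blocks it. This is an added example, not part of the original report and not phpBB code; the permission names, the `founder_only` flag and the "Helpers" group are assumptions made for illustration.

```python
from dataclasses import dataclass, field

@dataclass
class Group:
    name: str
    perms: frozenset            # permissions every member inherits
    founder_only: bool = False  # hypothetical "Founder Manage Only" flag
    members: set = field(default_factory=set)

@dataclass
class User:
    name: str
    perms: frozenset = frozenset()  # permissions granted directly
    founder: bool = False

def effective(user, groups):
    """Direct permissions plus everything inherited from group membership."""
    inherited = [g.perms for g in groups if user.name in g.members]
    return user.perms.union(*inherited)

def add_member_flawed(actor, target, group, groups):
    # Behaviour described in the report: holding "manage_groups" is enough.
    if "manage_groups" not in effective(actor, groups):
        raise PermissionError("actor cannot manage groups")
    group.members.add(target.name)

def add_member_checked(actor, target, group, groups):
    if not actor.founder:
        held = effective(actor, groups)
        if "manage_groups" not in held:
            raise PermissionError("actor cannot manage groups")
        if group.founder_only:
            raise PermissionError(f"{group.name} is founder-managed")
        # A delegate may not hand out permissions it does not hold itself.
        if not group.perms <= held:
            raise PermissionError(f"{group.name} grants more than actor holds")
    group.members.add(target.name)

def scenario():
    """Constructed data mirroring the three users in the report."""
    admin_perms = frozenset({"manage_groups", "manage_users", "manage_board"})
    admins = Group("Administrators", admin_perms, founder_only=True)
    helpers = Group("Helpers", frozenset({"manage_groups"}))
    founder = User("Highway of Life", founder=True)
    delegate = User("Group Admin", frozenset({"manage_groups"}))
    regular = User("Admin Wannabe")
    return [admins, helpers], admins, helpers, founder, delegate, regular
```

The subset check alone already stops the escalation; the `founder_only` flag additionally protects groups such as Administrators from delegates who legitimately hold every permission the group grants.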

