Restore default Member group rights to Contribute rights, not Edit rights
In SharePoint 2010 and lower, the default permission level for the Members group was Contribute. In SharePoint 2013 and above, including Online, it is Edit. This allows members of a site to edit app settings and delete apps. That is the role of Site Owners. Please restore Contribute to the Members group as we have to change every single Members group manually now.
Thomas Gass commented
The worst bit is that currently when you create a new Team, you can't reassign the default Members group permission level from Edit to Contribute.
I've got round it by emptying the default group right after creation and creating a new group to replace it, but that's not very elegant.
This is another symptom of how the current approach around Teams is not compatible with rigid information management.
Mike H. commented
Was just watching a Lynda.com course on PowerApps that pointed out how problematic this is, and recommends modifying lists individually to stop inheriting permissions and switch members from Edit to Contribute.
Will Shea commented
Totally agree. Against Least privelige. Edit level permission is not appropriate for the vast majority of site members. This seems to have been done as a matter of convenience for O365 Groups but it is a terrible decision for SP Online. And to make matters worse it is not changeable without a whole lot of convoluted steps that the average SharePoint site owner is not going to grasp. What is the rational for this?
This design decision goes against computing security 101: Principle of Least Privilege (PoLP).
I totally agree with you! Members rights should be no more than contribute. It has caused a lot of issues for us already
I 100% agree with this. Why in the world was this change ever made in the first place?