Remove code co-sysop flags and exemption checks

I'm unable to make tests work where this code actually performs as expected, where a co-sysop can edit a higher-level sysop only if they have that flag/exemption themselves.

In my opinion:

1. The BBS world is past the point of needing this.
2. A co-sysop shouldn't be able to add flags/exemptions to a user of any security level if they don't have it themselves.
3. A co-sysop shouldn't be able to add flags/exemptions to their own account

But mostly just 1 above. I don't think we need this anymore, and the code should just be simplified to a co-sysop cannot edit a security level above their own, no exceptions.