Report Server Security

There are two type of securities for Report Server: System Security and Item Security

For System Security, there is Admin and User. I just tested and realized that Admin can be anyone who is Local Admin to the Report Server. Is there a way to prevent Local Admin to be able to self registered as System Admin for the Report Server? I am looking into the Report Config file.

what have you tried?

Honestly, I doubt this can be done but I have tried on two different report servers and both came to the conclusion that if one is in the Local Admin group of the server, then that user can add thyself to the SA on the Reporting dashboard (site/settings).

So how is it some random user is added to the local admin.
I question that decision