security profiles for configurators and developers

hello experts,

is there a generic (standard) profile for:

1) functional configurators that are not allowed to touch development objects, and

2) developers that are not allowed to perform functional configuration?

I am familiar with the S_DEVELOP authorization object; is there a way to exclude the customizing tables from the list of objects?