[Labs-l] New wiki group contentadmin created
Ryan Lane
rlane at wikimedia.org
Wed Oct 24 17:52:44 UTC 2012
I've granted them all except for editinterface. I can't give out
editinterface as it would allow for the editing of site JS. That gives
the ability to take over cloudadmin accounts.
On Wed, Oct 24, 2012 at 2:28 AM, Petr Bena <benapetr at gmail.com> wrote:
> Can you grant these bits as well:
>
> bigdelete
> editinterface
> rollback
> browsearchive
> deletedhistory
> deletedtext
>
> basically, they wouldn't allow much more, given that tools that are
> already granted can somehow be used as workaround to get to same stuff
> (undelete would let me read the deletedhistory, for example, just it
> would be more complicated). It would make the wiki maintenance easier.
> Thanks
>
> On Wed, Oct 24, 2012 at 1:11 AM, Ryan Lane <rlane at wikimedia.org> wrote:
>> When we started preparations to open registration on labsconsole, we
>> started protecting the easy vandalism targets. Of course, that's not
>> great because we don't give out admin rights on the wiki, since it
>> would allow admins to inject javascript that could do really, really
>> nasty things.
>>
>> To allow people to properly manage the content, I've created a group
>> called contentadmins that has most of the rights of the admin group,
>> but without the rights that would allow cloudadmins to be owned.
>>
>> Petrb is the initial member of that group. We likely need to make a
>> request queue similar to the shell request queue to manage access.
>>
>> - Ryan
>>
>> _______________________________________________
>> Labs-l mailing list
>> Labs-l at lists.wikimedia.org
>> https://lists.wikimedia.org/mailman/listinfo/labs-l
>
> _______________________________________________
> Labs-l mailing list
> Labs-l at lists.wikimedia.org
> https://lists.wikimedia.org/mailman/listinfo/labs-l
More information about the Labs-l
mailing list