https://bugzilla.wikimedia.org/show_bug.cgi?id=18298
Summary: Security problem with supressing redirects
Product: Wikimedia
Version: unspecified
Platform: All
OS/Version: All
Status: NEW
Severity: normal
Priority: Normal
Component: wikibugs
AssignedTo: [email protected]
ReportedBy: [email protected]
For sysops, the rename function has since a few weeks also a function to
suppress the redirect. Of course, this is a useful function, but I have seen
there are some serious security problems in this new feature.
On the originally page where the page was, nothing can be seen that the page is
renamed. When they rename a page with the supressing option, they are easily
able to let a page disappearing, and it's very hard to see who did this and
where the page actually is, esecially on a larger wiki such as nl.wikipedia
(many moderators, logs etc.)
In the deletion logs of the page, there should be visible that the page has
been renamed without redirect, so it's possible to see who did this and to see
where the page is now. But now it's almost impossible when a page dissapeares,
to see who dit this and where the page is!
This is a pretty serious security thread, which should be fixed very soon (or
set it off until there is a fix)!
(this bug should also be added to the Mediawiki category)
--
Configure bugmail: https://bugzilla.wikimedia.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
You are on the CC list for the bug.
_______________________________________________
Wikibugs-l mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
