https://bugzilla.wikimedia.org/show_bug.cgi?id=41778
--- Comment #13 from Trijnstel <[email protected]> 2012-11-18 10:41:45 UTC --- (In reply to comment #11) > This bug is currently marked high importance, major bug, but I'm not sure > there's any evidence of that. Is there any evidence of edits or actions > post-local Meta-Wiki block on this range? > > Global blocks are not supposed to apply at Meta-Wiki. So that's not really a > bug. But if, after you also locally blocked the range, there are edits, that > would be a major bug. I haven't seen any evidence of this. > > I _think_ there's a generic issue here where blocked individual IPv6 (and > maybe > v4 as well) addresses don't "know" or don't _report_ that they're blocked > everywhere you might check. But, again, if it's just a reporting issue and > there the local block is working as expected (and the global block is also > working as expected for that matter), then the priority/importance of this bug > can be dramatically lowered. Actually, it is a major bug. I saw it happening multiple times and I can give you the evidence if you want. To proceed with the original example of the abuse of IPv6 address 2605:8900:5000:1001:6:0:E:2. Here's the timeline: * 1 Nov 2012 12:40-12:42 - he vandalized on meta with 2605:8900:5000:1001:6:0:10C:2 (edits hidden) and therefore I decided to locally block the IPv6 range on meta -> http://meta.wikimedia.org/wiki/Special:Contributions/2605:8900:0:0:0:0:0:0/32 (this range was already globally blocked by Jyothis in July 2012 for a year) * 5 Nov 2012 10:34-10:39 - he continued on meta with the account "MoìraMoìraMoìra" (https://meta.wikimedia.org/wiki/Special:Contributions/Mo%C3%ACraMo%C3%ACraMo%C3%ACra); a checkuser looked at the underlying IP and it turned out to be 2605:8900:5000:1001:6:0:E:2 (which falls in the /32 range I already blocked on 1 Nov 2012). It was a hardblock, so in theory no one should be able to create an account and use it on meta... it did happen though. I have no evidence that it happened on other projects outside meta, but it's not impossible of course. And yes, the rule still stands that meta is the only project not affected by global blocks, but as I locally blocked this range and the vandal was still able to create and use accounts... that's just wrong. -- Configure bugmail: https://bugzilla.wikimedia.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug. You are on the CC list for the bug. _______________________________________________ Wikibugs-l mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
