On Mon, Jun 11, 2018 at 3:28 PM Petr Bena <benap...@gmail.com> wrote:
> Is there any historical evidence that sysops being able to edit JS /
> CSS caused some serious issues? Your point that "most of
> administrators don't understand JS / CSS" is kind of moot. They are
> usually trustworthy and intelligent people. They don't mess up with
> something they don't understand and therefore it makes little sense to
> restrict them from being able to do that.
>

The primary concern here is someone taking over the account by password guessing, social engineering, phishing, exploiting some unfixed MediaWiki vulnerability etc. The secondary concern is admins becoming malicious or doing something stupid as a way of ragequitting, which is rare but does happen (for example, not so long ago, someone thought it would be a good idea to make money by installing a cryptocoin miner on Wikipedia). Admins making a mistake and breaking the site also happens occasionally, but that's not a security problem so it's a pretty minor issue in comparison.

> I understand your points, but do we really need it? Is it going to
> improve anything?

It reduces the attack surface. Less people with access means less vulnerable passwords, less people whose system has been infected with the latest computer virus etc. Also there are things we might require JS editors to do which might be inconvenient to some people (e.g. making two-factor authentication required) so it's good to reduce the number of people who have to be exposed to that.