Is the risk of an attacker taking over an account with CSS/JS edit permissions any more or less because that person knows how to use CSS/JS? If the criteria will be that only people who know how to use CSS/JS will get access to make those edits, I'm not sure that is perfectly tailored to the need being identified - security from outside threats. Can we make the edit right temporary, so someone can request it through a normal simple process, execute their edits, and then relinquish it? It can be a right that admins could grant to each other, as long as they can't gift it to themselves. _______________________________________________ Wikitech-l mailing list Wikitech-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikitech-l
- [Wikitech-l] Please comment on the draft consultation... Gergő Tisza
- Re: [Wikitech-l] Please comment on the draft con... Petr Bena
- Re: [Wikitech-l] Please comment on the draft... Bartosz Dziewoński
- Re: [Wikitech-l] Please comment on the draft... Thiemo Kreuz
- Re: [Wikitech-l] Please comment on the d... Petr Bena
- Re: [Wikitech-l] Please comment on the d... Bart Humphries
- Re: [Wikitech-l] Please comment on t... Steven Walling
- Re: [Wikitech-l] Please comment... Gergo Tisza
- Re: [Wikitech-l] Please com... Pine W
- Re: [Wikitech-l] Please... Nathan
- Re: [Wikitech-l] Please... Pine W
- Re: [Wikitech-l] Please... Gergő Tisza
- Re: [Wikitech-l] Please comment on the draft... Gergo Tisza
- Re: [Wikitech-l] Please comment on the draft con... Pine W
- Re: [Wikitech-l] Please comment on the draft con... Federico Leva (Nemo)
- Re: [Wikitech-l] Please comment on the draft... Gergő Tisza