On Tue, Aug 17, 2010 at 11:47 AM, David Gerard <dgerard(a)gmail.com> wrote:
On 17 August 2010 17:54, Graham
<tolliver(a)dal.ca> wrote:
So I guess there isn't any possibility to
have a group of users assigned
to a Namespace, and the other users status quo.
The owner of the wiki doesn't want another one to administer, so that's
why I am trying to be one hundred percent clear. The owner indicated
that the main Namespace being open isn't an issue. However, being able
to assign a few users to one Namespace, and having the remainder of
users functioning as usual is required.
Just want to be clear.
There are extensions that let you do this sort of thing to some
degree, but they're not part of the main MediaWiki code and are not
likely to be.
The trouble is that even if you restrict users to a namespace or from
a namespace, evidence of the namespace will leak to public visibility
- content, special pages, etc.
The only way to properly secure MediaWiki on this level would be to
put restricting code into every function of this rather large and
complicated piece of software ...
Here's a category of such extensions. I've never used any myself, but
the devs have detailed the problems with such extensions:
http://www.mediawiki.org/wiki/Category:Page_specific_user_rights_extensions
Speaking as an intranet system administrator, I'd never try to do this
- if someone wants a secure wiki they get a separaste instance, if
they want page-level security inside a single wiki then MediaWiki is
likely not the right tool.
- d.
The CIA generated code to add rigorous security classification levels
to MediaWiki would be useful to see; I tend to agree with David that
MediaWiki (even with available extensions) isn't a good tool for this
job.
I think that the code was kept private, though.
The problem with other Wiki software that's better at security is that
it's as a rule much more lousy Wiki software.
The Wikimedia Foundation per se doesn't have incentive or a goal to
rebuild MediaWiki as something in which real security is a design goal
right now. Which is somewhat unfortunate, as some commercial and
organizational users could use that. The CIA did, but we didn't get
the code.
I think that the world and industry as a whole are somewhat harmed by
the situation; adoption rate of intranet Wikis is somewhat slow in
many environments, because they're using more lousy Wiki platforms.
--
-george william herbert
george.herbert(a)gmail.com