On 7 February 2012 16:48, David Gerard dgerard@gmail.com wrote:
On 7 February 2012 15:43, Svip svippy@gmail.com wrote:
Which reminds me; what sort of permissions are we thinking? It should certainly be something higher than Sysop.
What are the permissions for the WikiAdmin account?
There *is* a WikiAdmin account? For most installations, a Sysop is created during installation, so there is a Sysop available from the beginning. This account has no special rights other than being part of the Sysop and Bureaucrat group per default. It is quite possible (and not entirely unthinkable) that his rights might need being taken away from him. He might retire and so forth.
I presume this is the reason MediaWiki does not have a generic WikiAdmin account. My installations certainly do not, and surely hope neither does yours.
MediaWiki lacks a concept of moderators, because there has never been a need for it. The group of people you want to have access to a configuration file is usually one or two. For this Administration page to have some level of security, an entire new rights group should be created. A group above Sysops. And that's when things get tricky. Because can a Bureaucrat appoint this new group to a member? If so, that's a huge liability.
Or are bureaucrats limited to appoint position only to their level and below[1]? If so, how on a former installation being upgraded are we going to be able to appoint this new group? We cannot suggest people should manually alter some flags in the database or have the upgrader do it (that might lead to abuse or a fail prediction of a Sysop, etc.).
So if we cannot technically create a new group without serious security issues for older installations, then perhaps a password protected page; but I sincerely believe that is rather undesirable.
And we are back to why this new feature should be disabled per default.
[1] Although, I do believe that there is no 'level' system in MediaWiki, so a bureaucrat can alter anyone's group to any other group(s).