Jimmy (Jimbo) Wales wrote:
p.s. Separately, my wife called me while I was driving home, and she had looked at the article on her computer, and in her case she saw the goatse.cx image there. this was not a caching issue nor was it the same issue at all, but just routine vandalism. I am more convinced than ever now that we need a "soft protect" mode of "slow publishing" for certain very very popular and very very important articles.
Adding this extra layer of tweakability between "not protected" and "protected" might be useful, however it is not the solution to the problem you describe - even if an article is fully protected a clever vandal can still upload trash to replace an image that appears on a protected page.
Allan's solution - disallow overwriting of images - would solve the problem completely, be trivial to implement (we already check for pre-existing pictures of the same filename), and has only the minor drawback of perhaps using a bit of extra disc space now and then.
I urge that it be implemented as soon as is practicable)
Pete
(Sidenote: "Clever vandals" who can figure out how to pull this trick are more dangerous than stupid vandals. They are thus rightly normally given very short latitude before banning, although with proxy ips abounding we still need the technical solution outlined above).