Nick Jenkins wrote:
Why do we do this? Yes, there probably has to be some point at which we start trusting people enough to do easy rollbacks, but "admin" is too high a standard. If someone has a login, and has (say) >= 1000 edits, and has used the system for (say) >= 3 months, there's a pretty good chance they can spot an anon committing vandalism on pages on their watchlist. So why don't we make undoing this easier? Why don't we help such people more, empower them more, and make what they can already do just that bit easier and quicker?
I'm going to let you in on a little secret:
There's a user JavaScript tool that was developed some time ago which provides about the same one-touch rollback capability for any user. Rollbacks of course are nothing special, it's just a little convenience to automate the process, which in a SoftSecurity fashion gives the interested Good Guys a tiny leg up against random vandals.
We have the technical capability to add a rollback-only group. But all that creates is another bottleneck: assigning and managing that permission.
The user JavaScript doohickey is something that people can and do manage themselves with a little cut-and-paste.
Is it ideal? No. But by allowing the community to self-manage, it's more Wiki than a top-down-administered permission group and probably gets used more than such a group would.
-- brion vibber (brion @ pobox.com)