On 17/01/2008, Simetrical Simetrical+wikilist@gmail.com wrote:
On 1/17/08, Thomas Dalton thomas.dalton@gmail.com wrote:
It could be done so admins can delete revisions in such a way that only oversighters can undelete them. That would solve (a) while failing (b). Allow admins to undo only their own such deletions would help. This would, of course, be in addition to deleting revisions in such a way that any admin can undelete them.
The basic security measure in a wiki is not to restrict access, but to allow problematic changes to be easily reversed. People seem to lose sight of this fact worryingly often these days. Of course it's not the *only* security measure, but it should always be the first resort, used exclusive of all other security measures unless in a particular case it specifically proves itself to be inadequate. I don't think admin deletion of revisions ever proved itself inadequate, except insofar as the current way to do it is extremely unwieldy.
Oversight is used in cases where information needs to be removed from sight, including the sight of admins, deleting revisions doesn't achieve that. That's why we have oversight.
So this completely defeats the entire principle that anything an admin does is easily reversible by another admin. Rogue admin deletes the Main Page? Better find an oversight user quick! Not a good idea.
Of course, that's why we like all actions to be reversible. Deciding who can do what isn't really for us to do - it should be a setting in LocalSettings.php.