On 17/01/2008, Simetrical <Simetrical+wikilist(a)gmail.com> wrote:
On 1/17/08, Thomas Dalton
<thomas.dalton(a)gmail.com> wrote:
It could be done so admins can delete revisions
in such a way that
only oversighters can undelete them. That would solve (a) while
failing (b). Allow admins to undo only their own such deletions would
help. This would, of course, be in addition to deleting revisions in
such a way that any admin can undelete them.
The basic security measure in a wiki is not to restrict access, but to
allow problematic changes to be easily reversed. People seem to lose
sight of this fact worryingly often these days. Of course it's not
the *only* security measure, but it should always be the first resort,
used exclusive of all other security measures unless in a particular
case it specifically proves itself to be inadequate. I don't think
admin deletion of revisions ever proved itself inadequate, except
insofar as the current way to do it is extremely unwieldy.
Oversight is used in cases where information needs to be removed from
sight, including the sight of admins, deleting revisions doesn't
achieve that. That's why we have oversight.
So this completely defeats the entire principle that
anything an admin
does is easily reversible by another admin. Rogue admin deletes the
Main Page? Better find an oversight user quick! Not a good idea.
Of course, that's why we like all actions to be reversible. Deciding
who can do what isn't really for us to do - it should be a setting in
LocalSettings.php.