On Mon, Jun 11, 2018 at 6:26 PM, Nathan <nawrich(a)gmail.com> wrote:
> Is the risk of an attacker taking over an account with CSS/JS edit
> permissions any more or less because that person knows how to use CSS/JS?
> If the criteria will be that only people who know how to use CSS/JS will
> get access to make those edits, I'm not sure that is perfectly tailored to
> the need being identified - security from outside threats.

That's a good point that I hadn't considered, and that I think further
supports the approach that Steven advocated instead of the approach of
developing a new user permission.

> Can we make the edit right temporary, so someone can request it through a
> normal simple process, execute their edits, and then relinquish it? It can
> be a right that admins could grant to each other, as long as they can't
> gift it to themselves.

I think that a per-edit review would be preferable, so that someone can't
request what they say will be benevolent edits and then do something
malicious before anyone else has enough time to review all of the changes
that they made.