[WikiEN-l] Oh shit, Slashdot is an attack site!

Andrew Gray shimgray at gmail.com
Wed Aug 8 19:41:55 UTC 2007


On 08/08/07, K P <kpbotany at gmail.com> wrote:

> So, explain this slowly, so I udnerstand.  There are actually three
> levels of deletion, or maybe only two.  When a page history is deleted
> so only the annoited can see what was there, that's just regular
> courtesy blanking?  But, of course, not being one of the chosen, how
> can I tell that that is the case?  All I can see is that one day there
> is a page I posted on, and the next day that page, and my post, and
> that page's history is completely gone.  How do I know, again, not
> being among the annoited, that it hasn't been oversighted?  I don't.
> All I know is the history is gone, the innocuous, had nothing to do
> with conspiracies, history of a Wikipedia page is completely gone.

Here's what it is. Basically, you have normal editorial process, the
way a wiki always works. You can add material, you can remove it;
anything removed shows up in the edit history. You can blank a page
completely in the current version, but you still have an old copy to
fall back on.

Now, sometimes, just removing the offending text and letting people
find it in the history is undesirable; you want shot of it properly.
MediaWiki has a "deletion" feature, which takes the page (strictly,
all revisions of the page) and marks them as not being visible.
They're still there in the database, but are no longer visible unless
you have the specific rights; it's reversible by undeletion. Deletions
and undeletions are logged, and you can see - I think - how many
revisions of a given page are currently deleted. You can't tell where
those deletions "came" in the history - I think simply through the
fact that this never got coded rather than any deliberate decision -
which is faintly irritating.

There *used* to be the ability to view the timestamps and edit
summaries of deleted revisions, but this was removed due to abusive
use of edit summaries; there's a patch being worked on to try and get
round this, but I'm not clear what happened to it.

The rights to delete, undelete, and view deleted revisions are handed
out to admins; essentially, whilst we don't particularly want to
*publish* this material, we see no reason not to have it "on file" to
help us do various editorial roles. It's given only to admins because
we have no actual mechanism (or community standing) for any kind of
actively-determined user rights below that, and we don't want to give
it out automatically for reasonably clear reasons!

"Oversight" is essentially *actually* deleting a revision; going out
and nuking it from the database (or the next best thing to it).
Replacing it may or may not be possible, and certainly isn't very
practical. MediaWiki doesn't tell people there was an oversighted
revision because, effectively, as far as it knows that revision never
existed - unlike deletion, where it knows the revision existed, just
got flagged "removed". There is an oversight log, which records the
time and reason for oversighting, and what the revision was; this is
kept private because the content is presumed sensitive.

-- 
- Andrew Gray
  andrew.gray at dunelm.org.uk



More information about the WikiEN-l mailing list