2009/6/4 Andrew Garrett agarrett@wikimedia.org:
When did we start treating our administrators as potentially malicious attackers? Any administrator could, in theory, add a cookie-stealing script to my user JS, steal my account, and grant themselves any rights they please.
That's why I started this thread talking about things being done right now by well-meaning admins :-)
- d.