Topic on Talk:Wikimedia Security Team/Password strengthening 2019

More potential privileged groups

13
Krenair (talkcontribs)

I think stewards are fairly obvious so I've boldly gone and added that to the list. But what about these global groups?

  • Abuse filter helpers
  • Founders
  • Pathoschild's group
  • New wiki importers
  • Ombudsmen
  • System administrators
  • WMF researchers
Ymblanter (talkcontribs)

I believe stewards are now required to have TFA, so that there was no point in adding them.


This post was hidden by Krenair (history)
This post was hidden by Krenair (history)
This post was hidden by Krenair (history)
Tgr (talkcontribs)

I posted (what I guess is) the full list into the other section. Researchers and Pathoschild seem to be the two missing things.

JogiAsad (talkcontribs)

Well, its a good step, and I think we don't have any issue at Sindhi Wikipedia by implementing it.

Krenair (talkcontribs)

@Tgr I think researchers should be added, they have some important permissions:

  • View deleted history entries, without their associated text (deletedhistory)
  • View deleted text and changes between deleted revisions (deletedtext)
  • View private logs (suppressionlog)
  • View, hide and unhide specific revisions of pages from any user (suppressrevision)
  • Undelete a page (undelete)


Pathoschild's group (seems to also be known as global deleter) has some important ones too:

  • Search deleted pages (browsearchive)
  • Delete pages (delete)
  • View deleted history entries, without their associated text (deletedhistory)
  • View deleted text and changes between deleted revisions (deletedtext)
  • Undelete a page (undelete)
CKoerner (WMF) (talkcontribs)

Thanks for the suggestions. I've updated the list to be more clear on which accounts are included.

Krenair (talkcontribs)

So we're still missing:

  • Pathoschild's/global deleter
  • Researchers
Salvidrim! (talkcontribs)

I see "Global interface editors" on the list, but not local Interface Administrators (aka techadmins, see enwiki page). I also think edit filter managers should be considered "privileged". Both permissions give the ability to completely lock down editing on a wiki if in malicious hands.

Krenair (talkcontribs)
Tgr (talkcontribs)

Edit filter managers, too. They are not that dangerous actually, but can see some private data.

Reply to "More potential privileged groups"