On 07/02/12 16:59, Svip wrote: > Or are bureaucrats limited to appoint position only to their level and > below[1]? If so, how on a former installation being upgraded are we > going to be able to appoint this new group? We cannot suggest people > should manually alter some flags in the database or have the upgrader > do it (that might lead to abuse or a fail prediction of a Sysop, > etc.). > > So if we cannot technically create a new group without serious > security issues for older installations, then perhaps a password > protected page; but I sincerely believe that is rather undesirable.
If old installs don't have the GUI enabled, there's no problem. > And we are back to why this new feature should be disabled per default. > > [1] Although, I do believe that there is no 'level' system in > MediaWiki, so a bureaucrat can alter anyone's group to any other > group(s). There are no 'levels' (this is sometimes a problem for eg. having protections greater of sysop) It is possible to restrict what can bureaucrats add by configuring the AddGroups, although in this case we would want something like "anything but this level" which isn't available yet. _______________________________________________ MediaWiki-l mailing list MediaWiki-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/mediawiki-l
