Page MenuHomePhabricator
Create Task
Maniphest T197130

Document MediaWiki elevated security feature
Open, MediumPublic
Actions

Description

If we plan to rely on elevated security more, it needs to be documented better. The hook and configuration variables have reasonably informative documentation pages ($wgReauthenticateTime, $wgAllowSecuritySensitiveOperationIfCannotReauthenticate, SecuritySensitiveOperationStatus) which is good for wiki admins but not for users or developers needing a quick overview of the concept. There should be a help page and a manual page.

Related Objects
Search...

Event Timeline

Tgr created this task.Jun 13 2018, 3:37 PM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptJun 13 2018, 3:37 PM
Aklapper added a project: MediaWiki-General.Jun 13 2018, 4:49 PM
Tgr mentioned this in T197160: All security-sensitive MediaWiki functionality should require elevated security.Jun 13 2018, 5:22 PM
Tgr added a parent task: T197160: All security-sensitive MediaWiki functionality should require elevated security.Jun 13 2018, 5:24 PM
Quiddity subscribed.Jun 13 2018, 9:20 PM
Vvjjkkii renamed this task from Document MediaWiki elevated security feature to h3aaaaaaaa.Jul 1 2018, 1:04 AM
Vvjjkkii triaged this task as High priority.
Vvjjkkii added projects: CheckUser, Connected-Open-Heritage-Batch-uploads (RAÄ-KMB_1_2017-02), Tamil-Sites, Gamepress, Hashtags, Jade, KartoEditor, Language-2018-Apr-June, New-Editor-Experiences, Mail, TCB-Team (now WMDE-TechWish).
Vvjjkkii updated the task description. (Show Details)
Vvjjkkii removed a subscriber: Aklapper.
Ankry renamed this task from h3aaaaaaaa to Document MediaWiki elevated security feature.Jul 1 2018, 4:32 PM
Ankry raised the priority of this task from High to Needs Triage.
Ankry removed projects: TCB-Team (now WMDE-TechWish), Mail, New-Editor-Experiences, Language-2018-Apr-June, KartoEditor, Jade, Hashtags, Gamepress, Tamil-Sites, Connected-Open-Heritage-Batch-uploads (RAÄ-KMB_1_2017-02), CheckUser.
Ankry updated the task description. (Show Details)
Ankry added a subscriber: Aklapper.
srodlund moved this task from Backlog to New Technical Documentation Request on the Documentation board.Aug 16 2018, 5:59 PM
Phabricator_maintenance added a project: acl*security.Sep 20 2018, 9:15 AM
Aklapper removed a project: Security-Core.Nov 27 2019, 12:42 PM
chasemp triaged this task as Medium priority.Dec 9 2019, 4:56 PM
chasemp added a project: Security.Feb 10 2020, 10:58 PM
chasemp removed a project: acl*security.Feb 20 2020, 8:07 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL