
Editing sitewide JS/CSS pages should require elevated security
Open, Needs Triage · Public

Description

Global JS editing is as dangerous as you can get; it should require reauthentication like password changes and such. (Although possibly with a significantly longer timeout as editing a page might take long.)

The kind of POST stashing done by FormSpecialPage probably would not work so well (as the edit interface might be JS-based); maybe a mechanism similar to session timeouts could be used instead.
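As an added illustration (not code from this task or from MediaWiki; the function names, the title-to-operation mapping and the timeout values are assumptions), a model of the per-operation reauthentication window the description proposes, with a longer window for sitewide JS/CSS edits than for other sensitive operations:

```python
from dataclasses import dataclass
from enum import Enum


class Decision(Enum):
    OK = "ok"          # authenticated recently enough, let the operation proceed
    REAUTH = "reauth"  # send the user through reauthentication first, then retry
    FAIL = "fail"      # this session can never satisfy the requirement


# Maximum age (seconds) of the last authentication per operation; values are assumed.
# Sitewide script/style edits get a longer window than e.g. a password change
# because composing the edit itself can take a while.
REAUTH_WINDOW = {
    "default": 300,
    "edit-sitewide-js": 3600,
    "edit-sitewide-css": 3600,
}


@dataclass
class Session:
    user: str
    authenticated_at: float   # login time or last successful reauthentication
    can_reauth: bool = True   # False when the session has no credentials to re-prove


def operation_for_title(title: str):
    """Map a page title to the sensitive operation that editing it implies, if any.
    Sitewide scripts and styles live in the MediaWiki: namespace with .js/.css suffixes;
    user scripts (User:Foo/common.js) are not sitewide and need no step-up here."""
    if not title.startswith("MediaWiki:"):
        return None
    if title.endswith(".js"):
        return "edit-sitewide-js"
    if title.endswith(".css"):
        return "edit-sitewide-css"
    return None


def sensitive_operation_status(session: Session, operation: str, now: float) -> Decision:
    """Decide whether the session's authentication is fresh enough for `operation`."""
    window = REAUTH_WINDOW.get(operation, REAUTH_WINDOW["default"])
    age = now - session.authenticated_at
    if 0 <= age <= window:
        return Decision.OK
    # Too old (or a clock anomaly): the user must prove possession of credentials again.
    return Decision.REAUTH if session.can_reauth else Decision.FAIL


def check_edit(session: Session, title: str, now: float) -> Decision:
    """Gate an edit: ordinary pages need nothing extra; sitewide JS/CSS need a fresh login."""
    operation = operation_for_title(title)
    if operation is None:
        return Decision.OK
    return sensitive_operation_status(session, operation, now)
```

On a REAUTH decision the caller would redirect to the reauthentication form with a return-to target rather than stashing the POST body, which is the session-timeout-style flow the description suggests.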

Event Timeline

Tgr created this task. Jun 13 2018, 3:52 PM
Restricted Application added a subscriber: Aklapper. Jun 13 2018, 3:52 PM
Vvjjkkii renamed this task from Editing sitewide JS/CSS pages should require elevated security to a3aaaaaaaa. Jul 1 2018, 1:04 AM
Vvjjkkii triaged this task as High priority.
Vvjjkkii updated the task description.
Vvjjkkii removed a subscriber: Aklapper.
Ankry renamed this task from a3aaaaaaaa to Editing sitewide JS/CSS pages should require elevated security. Jul 1 2018, 4:27 PM
Ankry updated the task description.
Ankry added a subscriber: Aklapper.
CommunityTechBot raised the priority of this task from High to Needs Triage. Jul 5 2018, 7:01 PM

For what it's worth, someone at WMF seems to have decided to start enforcing 2FA for this. Last week, WMFOffice started mailing that 2FA MUST be enabled, and threatening to remove administrator access after November 24th.

I replied a few days ago explaining my concerns and that it didn't seem the right measure but did not hear back.

Tgr added a comment. Nov 26 2018, 9:22 PM

For what it's worth, someone at WMF seems to have decided to start enforcing 2FA for this. Last week, WMFOffice started mailing that 2FA MUST be enabled, and threatening to remove administrator access after November 24th.

This task is about requiring 2FA before making JS edits, not requiring 2FA on login (and needs more technical work before it is feasible, if at all wanted). Requiring 2FA on login for certain user groups is T150898: Force OATHAuth (2FA) for certain user groups in Wikimedia production (although it focuses on the technical side and has no mention of administrators, but still a better place to discuss your concerns).

Well, requiring 2FA just for making JS edits seems a solution more suited to the problem. I was reporting that it was being tackled that other way. Sorry if I was a bit ranty.

Nirmos added a subscriber: Nirmos. Jan 11 2019, 8:50 PM