Investigate: How can we ensure all WMF wikis have access to IP addresses after IP Masking
Closed, ResolvedPublic
Actions

Assigned To

Authored By

	Tchanders
	Nov 29 2022, 4:36 PM

Description

Following the deployment of T300263: [IP Masking] Create temporary account on first edit, IP addresses will be available via the CheckUser extension, specifically the cu_changes table.

We will need to use this information for revealing information about IP addresses to trusted users, via features such as T300289: [IP Masking] IPViewer roles views temporary account users.

However, CheckUser is not deployed to all our production wikis.

We need to know:

Where is CheckUser not deployed?
On these wikis, do IP addresses need to be revealed to trusted users in order to fight vandalism, etc?
If yes, are there any risks with deploying CheckUser on these wikis? How can we mitigate these risks?

Related Objects

Mentioned In: T321391: Add new column cu_log.cul_reason_id and cu_log.cul_reason_plaintext_id to wmf wikis
Mentioned Here: T357959: Install CheckUser in Beta Cluster
T214820: Enable CheckUser for beta cluster
T300263: [IP Masking] Create temporary account on first edit
T300289: [IP Masking] IPViewer roles views temporary account users

Event Timeline

Tchanders created this task.Nov 29 2022, 4:36 PM

Restricted Application added a subscriber: Aklapper. · View Herald TranscriptNov 29 2022, 4:36 PM

Where is CheckUser not deployed?

Beta Cluster, which shouldn't have it.

InitialiseSettings.php

// On in all Production, disabled in all Labs; varied for Labs only.
'wmgUseCheckUser' => [
	'default' => true,
],

Tchanders moved this task from Inbox to Ready on the Temporary accounts board.Dec 1 2022, 6:04 PM

Niharika moved this task from Untriaged to Triage/To be Estimated on the Anti-Harassment board.Dec 5 2022, 10:15 PM

@JJMC89: Is there a reason why the Beta Cluster does not have checkuser enabled? I've always seen people saying it's deliberately disabled, but I have no idea why this is the case.

In T324036#8452525, @Dreamy_Jazz wrote:

Is there a reason why the Beta Cluster does not have checkuser enabled?

Users could access PII without the necessary NDAs. Permissions are basically handed out on request, and the infrastructure doesn't have the same restricted access as the production cluster.

Ah, okay. That makes sense. I guess it's not really possible to disable the ability to assign rights to someone / remove certian rights from existence, so unless that could happen I can see why.

Dreamy_Jazz mentioned this in T321391: Add new column cu_log.cul_reason_id and cu_log.cul_reason_plaintext_id to wmf wikis.Dec 8 2022, 12:04 AM

@JJMC89 I heard that there are other WMF production wikis that may not have checkuser installed. Do you know if that is the case?

In T324036#8468925, @Niharika wrote:

@JJMC89 I heard that there are other WMF production wikis that may not have checkuser installed. Do you know if that is the case?

Only beta (because elevated access is given out more widely, and so is shell/DB access)

https://noc.wikimedia.org/conf/highlight.php?file=InitialiseSettings.php

// On in all Production, disabled in all Labs; varied for Labs only.
'wmgUseCheckUser' => [
	'default' => true,
],

https://noc.wikimedia.org/conf/highlight.php?file=InitialiseSettings-labs.php

		'wmgUseCheckUser' => [
			'default' => false,
		],`

In T324036#8468937, @Reedy wrote:
In T324036#8468925, @Niharika wrote:

@JJMC89 I heard that there are other WMF production wikis that may not have checkuser installed. Do you know if that is the case?

Only beta (because elevated access is given out more widely, and so is shell/DB access)

https://noc.wikimedia.org/conf/highlight.php?file=InitialiseSettings.php
// On in all Production, disabled in all Labs; varied for Labs only.
'wmgUseCheckUser' => [
	'default' => true,
],
https://noc.wikimedia.org/conf/highlight.php?file=InitialiseSettings-labs.php
		'wmgUseCheckUser' => [
			'default' => false,
		],`