Wikipedia talk:Protected editing rights

Moved from a village pump/policy thread

New individual access level: editprotected

Latest comment: 15 years ago174 comments108 people in discussion

Background: Recently, an administrator from the German Wikipedia requested adminship so he could edit the English Wikipedia spam blacklist. The discussion is ongoing, but many of those in opposition do not want to grant him more rights than he needs to edit that blacklist.

Issue: Currently the editprotected right applies to administrators and bureaucrats. I think this should change.

Many templates are permanently protected against abuse, as are some sensitive pages in other namespaces, such as MediaWiki:Spam-blacklist. Allowing more than just administrators to edit these pages would reduce the workload of existing administrators and would allow those who wanted to work in these areas to avoid the bureaucracy of requesting adminship and avoid handing out tools like "view deleted edits" or "block user" to those who don't really need them.

I have two proposals I'd like a straw poll and comments on before I do a full proposal:

New individual access level: editprotected proposal 1: general editprotected access

Proposal 1 A new access category, similar to rollbacker or accountcreator, which grants editprotected rights and nothing else. Who could give this permission and under what circumstances would be discussed at a later RfC, probably bureaucrats either on their own authority or through a lightweight RFC, but possibly administrators.

Discussion

Support

1. Very weakly supporting. I don't see a burning need to do this, but I agree with it in principle. It's mostly a question of whether it's worth stirring up all the ruckus to make it happen. If I were designing the system from the ground up I would include this, but I haven't run into any situations where it's been all that critical. SDY (talk) 00:33, 19 December 2008 (UTC)Reply
2. Weak support Adding another layer of bureaucracy. This is an issue that comes up very seldom. But it is more beneficial to grant such requests this way than denying a task oriented RFA candidate in a strife ridden drama. For a precednt, we have already split off rollback and allowed admins to grant it. Dlohcierekim 01:31, 19 December 2008 (UTC)Reply

   To clarify, (rollback was just an example of change), as Lar says below, this should be a consensus driven, crat administered process. Someone with a very specific area they wish to edit, as a specialist, with skills apart from adminship, who has a support from the community for such as a remit as cheerful seth is now seeking the whole package for. Dlohcierekim 03:12, 20 December 2008 (UTC)Reply

3. Support. What the hell; if it doesn't work, we'll stop. I'd go with "editprotected" + ability to semi-protect plus ability to move over redirects if it were up to me, but just "editprotected" should work fine. Seeing how someone handles the mini-mop (sponge? Oh the "sponge-worthy" jokes) would give us a good idea how they'd handle adminship, and not a lot of harm would be done if we have to "ex-sponge" them (told ya). I think the accelerated "thumbs-up" from the community would fill an emotional need, and we could use more people doing these chores. - Dan Dank55 (send/receive) 02:38, 19 December 2008 (UTC)Reply

   Now making support conditional on letting these users edit a smaller subset of pages than admins can edit. Matthew makes the case on his talkpage that editing some protected pages could have scary and even legal consequences. Also, I think there's enough opposition to this that it won't pass in this form, and people seem to want something a little different; let's keep talking. - Dan Dank55 (send/receive) 02:59, 22 December 2008 (UTC)Reply

4. Strong Support I think of all of the people who come to RfA for a single reason, to get a single tool that they could use to benefit the project, that has the least risk for abuse, and it would be this. If they are trusted with the tool, then we know they won't use it to violate protection blocks on articles---and if they did, it could be reverted like Rollback. But we are routinely getting candidates who want the ability to edit the templates or other parts of the project where they contribute, but can't because it has been protected.---Balloonman ^PoppaBalloon 02:40, 19 December 2008 (UTC)Reply
5. Weak Support, kinda like the idea...but not sure Absolutely, as Balloonman has said: our German colleague's RfA indicates this would be a useful permission to unbundle. This userright, incidentally, was a strong reason I decided to run for RfA: I needed to make multiple edits to a fully-protected project template. I wasn't going to break anything, and I had the project's endorsement. It became a hassle to bother admins to do my work for me. On the other hand, this would add a layer of bureacracy. To be honest, if I trusted someone to edit protected templates, then I would trust him with the whole package. Lazulilasher (talk) 02:51, 19 December 2008 (UTC)Reply

   It wouldn't be more of another level than rollback rights.---Balloonman ^PoppaBalloon 04:05, 19 December 2008 (UTC)Reply

6. Support—I've long thought that it would be useful to allow some of the "safer" admin rights to be unbundled as their own user groups, and this seems a feasible proposal. I must note that I oppose this group including the editinterface right, though: editing the MediaWiki space could have more dire consequences than, say, editing the Main Page. {{Nihiltres|talk|log}} 03:03, 19 December 2008 (UTC)Reply
7. Support - Per comments already mentioned, I've always supported similar proposals. Something tells me it won't happen though...Wikipedia does not like change. — Realist² 03:17, 19 December 2008 (UTC)Reply
8. Support - Editprotected makes the most sense to me to be unbundled. --Izno (talk) 03:49, 19 December 2008 (UTC)Reply
9. Support OK this is of course subject to the developers saying whether or not a particular unbundling is technically feasible; but if it were, this would be useful to editors like myself who want to make non controversial edits to protected pages such as thrity - thirty, (page was protected at the time). But there would be wider advantages to the Wiki, just as with Rollback, the more specific tools like this that are available to those who show a specific need for them, the less of a MMORPG this place will become, and hopefully we would see fewer "the toolset comes as one package" opposes at RFA. ϢereSpielChequers 11:21, 19 December 2008 (UTC)Reply
10. Support - if any of the admin tools are going to be unbundled, this is the one to start with. The ability to edit protected pages is a (fairly) minor thing; if someone only wants that ability, and they are sufficiently trustworthy, I think it should be unnecessary to make them go through the mess of an RFA. I'd rather limit the ability to hand out this new right to bureaucrats, as it's more their area of expertise than admins' - but as long as it's easy to remove, like rollback is, it probably wouldn't make much of a difference either way. Terraxos (talk) 11:39, 19 December 2008 (UTC)Reply
11. Support I don't think that we have a serious need to do this, but I think we will get more benefit out of this than harm. I suggest that we give and remove this just like rollback with admins giving and removing. Captain panda 13:45, 19 December 2008 (UTC)Reply
12. Support Surely inertia will kill this proposal, but I do think that this would be a great idea, perhaps also splitting editinterface as well, or what if we made pages like the spam blacklist and other blacklists editable within their own right, like editblacklists, this would be useful in this situation. Foxy Loxy ^Pounce! 13:57, 19 December 2008 (UTC)Reply
13. Strong Support - I have always supported breaking up some of the tools that aren't part of the main trifecta (Block, Delete, Protect), and this would help. This would save niche users the trouble of going through RfA. And hopefully, no admin will be foolish enough to give out this user group until a process is defined. NW's Public Sock (talk) 15:17, 19 December 2008 (UTC)Reply
14. Strong Support I could use this tool now and then, though due to the immense hostility at RFA I'd be unlikely to pass. ~the editorofthewiki ^{(talk/contribs/editor review)}~ 20:59, 19 December 2008 (UTC)Reply
15. Support There are plenty of good coders and project space operators out there who are willing to do this. Also, for the opposes, just because the right is devolved like rollback doesn't mean that the criteria have to be the same. It could very well be that the number of people who get this tool is 1/2 or 1/10 of the rollbackers out there. On the side, I support breaking down most of the admin tools so they may be handed out piecemeal. Protonk (talk) 01:20, 20 December 2008 (UTC)Reply
16. Support - but with the proviso that it can't just be handed out by admins based on a talk page request... a (lightweight) review process needs to happen, and the right handed out by a 'crat... otherwise, no. ++Lar: t/c 02:06, 20 December 2008 (UTC)Reply
17. Support with the view that this is meant for editors with a very specific purpose (similiar to accountcreator and IPexempt, we should not see the number of users under this cat exceed three figures), with no need for the use of other components. We have some of them which were grilled on RfA because they needed this feature and this feature only, but it came as a set. It should help them significantly. - Mailer Diablo 08:51, 20 December 2008 (UTC)Reply
18. Support asI support the splitting of admin rights. This works. PXK ^T /_C 22:45, 20 December 2008 (UTC)Reply
19. Support I have no other comments for now as they can be kicked around during the RFC if/when it occurs. §hep • ¡Talk to me! 03:44, 21 December 2008 (UTC)Reply
20. I can't forsee too much harm in general coming from giving a trusted editor access to this administrative ability. I am, however, concerned by how giving out this access level might be potentially gamed by a vandal or troll to vandalize the main page, for instance. MBisanz below brings up a real concern, and we have to ensure that we aren't giving out the bit to an edit-warrior. We also have to make sure that this is an access level easily revoked if misusued, similar to rollback. Specializing this user-right, such as for template work, is a good idea. Master&Expert (Talk) 20:22, 21 December 2008 (UTC)Reply
21. Support Per Dank55 and Balloonman. Jake Wartenberg^talk 22:00, 21 December 2008 (UTC)Reply
22. Support. Any increased granularity of privilege is a positive step on any number of levels. Chris Cunningham (not at work) - talk 15:25, 22 December 2008 (UTC)Reply

    May as well. Although if it were a template-only right, it would be a shoo-in. Stifle (talk) 17:07, 22 December 2008 (UTC)Reply

    I am amazing at disagreeing with myself. Stifle (talk) 09:23, 28 January 2009 (UTC)Reply

23. Support. Absolutely. Essentially all of the concerns people that are opposing have raised can be handled in who gets the new right. Think about it. All admins currently get this, so we are giving it out, if it is only given out to a few more people that are highly trusted but have no desire to go through the RFA gauntlet or don't have desire for the other tools then it is still a net win. More likely there are a lot of trusted users in that position and they could learn how to use these tools better than most admins and get the tasks done more effectively. But again, how the right is given out can fairly easily be handled later. - Taxman ^Talk 17:51, 22 December 2008 (UTC)Reply
24. Support I'll remind everybody that User:Archtransit (desysopped and banned) asked for adminship so he could help out at WP:DYK which required editprotected access for T:DYK. It would have been quite nice to have given just that access, instead of full adminship. Jehochman ^Talk 01:16, 23 December 2008 (UTC)Reply
25. Support per Chris Cunningham above. I like to think I'm a user who would be trusted with editing protected pages though I'd clearly never survive an RFA. Maybe I'm not trusted to update the DYK template? Honestly, you think editors like myself would spend years here to get +editprotected and right away go screw with {{!}} just for giggles? Get a grip. <Boilerplate dismay about those affecting (if not intending) perpetuation of the admin superclass below>. --JayHenry (t) 07:02, 23 December 2008 (UTC)Reply
26. Support, especially for templates; it's quite frustrating to not be able to improve something simply because it's high-use. There does not seem to be any reason aside from the technical one to bar Jay from editing DYK. Rollback was a thorough success, and further unbundling is certainly worth pursuing. I suggest the privilege be removed from editors who make non-trivial alterations to fully-protected articles; we do not want this to become a "cabal-endorsed pov-pusher" designation. Skomorokh 13:12, 23 December 2008 (UTC)Reply
27. Support as long as editinterface is included. Dendodge Talk^Contribs 14:57, 23 December 2008 (UTC)Reply
28. Support particularly for the Template namespace. This would be extremely useful for WikiProjects, where many of the templates are protected preventing non-admins who are very active on projects from managing and fixing templates. For instance, I honestly don't want to go through RfA and become an admin just so I can edit protected template pages. The protection is there to stop vandals from trashing it. The problem is, trusted users are stopped in the process, also meaning the the reliance on admins to maintain these pages greatly increases. As said above, if any tool is be split from the Admin toolset, this is the very one. Obviously any abuse of such a tool could be revoked immediately, and I honestly doubt it could cause much damage. --.:Alex:. 18:08, 9 January 2009 (UTC)Reply
29. Support, seems reasonable, RFA should be replaced with à la carte user rights requests. —Locke Cole • t • c 20:21, 18 January 2009 (UTC)Reply
30. Support, If the editprotected right was available on it's own, I would be requesting it. As I've used the {{editprotected}} on may occasions. A couple of points I'd like to make though:
    1. Should only be granted to users who have made a number of editprotected requests and had the majority of them accepted.
    2. When making large or contentious changes, anyone with the editprotected right should still be discussing them first on the talk page rather than just doing them because they can. -- WOSlinker (talk) 20:46, 18 January 2009 (UTC)Reply
31. Weak support But would this leave being an administrator to just to change some account rights? Hereford 23:13, 18 January 2009 (UTC)Reply
32. Support. If a user is trusted on another wiki, he/she can be trusted here not to abuse the tool. Even regular admins are trusted not to edit a page that has been protected because of a dispute. It's the same with the Betamax case; just because Betamax could be used for infringing purposes does not make Betamax itself illegal. -- King of ♥ ♦ ♣ ♠ 08:35, 20 January 2009 (UTC)Reply
33. Strong support I know of several areas where the project would benefit from allowing non-admin users to edit protected pages—for example, the queue pages used in the DYK process, and some templates. These are mostly protected just in case of random vandalism and stuff, not because they're the subjects of edit wars or persistent vandalism...and in some of these cases (such as DYK) there are non-admins who work in that area a lot but can't help out as much as possible because of th e edit protection. Me, for example, I do a lot at DYK pages and work with various other templates a bit, but am not interested in being an admin, so for now I'm just stuck asking other people to make edits for me...if this proposal were implemented, I would be able to make myself more useful without taking on adminship tools that I don't want. Politizer ^talk/_contribs 06:14, 21 January 2009 (UTC)Reply

    If you don't want an admin tool, don't use it. Take a look at my block log sometime if you don't think it's possible to do so; I've been an admin for almost a year now. Happy‑melon 17:17, 21 January 2009 (UTC)Reply

34. General Support as Wikipedia expands the number of edit protected pages expands with it. It make sense to create a half-way between restricting editing to recently created accounts and to admins. — Blue-Haired Lawyer 19:42, 21 January 2009 (UTC)Reply
35. Support I know this is the periodic proposal, but it is a step in the right direction. Rollback was not near as bad as anyone thought. Zginder 2009-01-23T04:57Z (UTC)
36. Support WikiGnomes mantain wikipedia, lets give 'em (us) the tools to do so. Yes, eventually someone will need to be demoted, but so have been admins and even Arbs -fear of wrongdoing should not stop boldness in empowering WikiGnomes.--Cerejota (talk) 10:56, 24 January 2009 (UTC)Reply
37. Yes, yes, and yes! It would allow those of us who want to work on templates and do uncontroversial work on protected page without going through the abysmall process of RFAs!Headbomb {^ταλκ_{κοντριβς} – WP Physics} 00:20, 29 January 2009 (UTC)Reply
38. Support. More possible levels of access means more flexibility, and more flexibility is good.--S Marshall ^Talk/_Cont 18:48, 30 January 2009 (UTC)Reply
39. Strong Support - I would want this. The only time I would ever need sysop at en is to view deleted pages and to edit protected ones (rarely history merges or certain move features). This seems simple enough. Ottava Rima (talk) 22:19, 30 January 2009 (UTC)Reply
40. Support. עוד מישהו Od Mishehu 13:53, 2 February 2009 (UTC)Reply
41. Support per S Marshall. I think that adding one more "layer" to the users field could be a good way for wannadbe admins like me to practice normally admin-like duties such as editing editprotected pages. So long as it's a granted right like rollbacking, I don't see a problem. Ten Pound Hammer and his otters • ^{(Broken clamshells • Otter chirps • HELP)} 22:35, 6 February 2009 (UTC)Reply
42. Support - This will put less stress on administrators, and if it's granted like rollback, it will be fine. Techman224^Talk 04:05, 8 February 2009 (UTC)Reply

    Also, I think this should have stricter rules to apply, but I still support it. Techman224^Talk 15:33, 14 February 2009 (UTC)Reply

43. Support as per Headbomb above. I'm a longtime contributor with rollback rights, but I think the RFA process is hopelessly flawed. I often have to work on protected templates, and it is a real waste of time to have to ask and admin for permission to make a relatively uncontroversial change to a template. I would go up for RFA (again) but I don't want to deal with being publicly pilloried by a bunch of people whom I don't even know. --Eastlaw ^talk ⁄ _contribs 09:56, 8 February 2009 (UTC)Reply
44. Strong Support especially considering how successful rollback has been, and workload reduction for sysops. My comment would be in addition to creating an editprotected access level, to still leave the option of protecting individual pages such that only administrators can edit, if necessary (e.g. for high risk templates) Mister Senseless™ (Speak - Contributions) 20:51, 9 February 2009 (UTC)Reply
45. Support Reduce load for admins. Most protected edits are not controversial. Reywas92^Talk 15:56, 16 February 2009 (UTC)Reply
46. Support any distribution of admin tools from one katamari-like Administrator category to several individual rights, given or removed on their own merits. If someone can be trusted to use certain tools but is not yet known to be trustworthy for others (or if an admin can't be trusted with a certain tool, but can be for others), this category would greatly help. -kotra (talk) 18:41, 16 February 2009 (UTC)Reply

    Comment: I see from the opposes below the main objection is that it would be dangerous to give this tool to non-admins. To that I respond: then just don't give it out except in rare circumstances, when you know the user has an admin (or near-admin) level of trust. -kotra (talk) 18:46, 16 February 2009 (UTC)Reply

47. Strong Support - Distributing this relatively harmless power to non-Admins will only have good effects, just as non-Admin rollbackers. Nutiketaiel (talk) 21:21, 16 February 2009 (UTC)Reply
48. Support - And I've got an example why. I came across an orphaned non-free image and intended to put the {{di-orphaned fair use}} tag on it, but it was protected. I requested protection removal, but that was denied, and the admin placed the tag on the page themselves. Unfortunately, they didn't put a date in the tag, and the non-free image still exists, even though it was tagged February 2. If I could've tagged it myself, it would've been deleted by now. --JaGa^talk 05:59, 17 February 2009 (UTC)Reply
49. Support - page protection is primarily to keep out vandals (and poor edits). I see know reason why long-term editors in good standing that are well-trusted can't edit such pages. I've come across many mistakes (not just factual errors... grammatical errors, spelling mistakes, formatting problems, etc.) that I would love to fix and would in a heartbeat... if only the page wasn't protected. --Alinnisawest,^{Dalek Empress} (extermination requests here) 23:07, 19 February 2009 (UTC)Reply
50. Support - Editors who have been proved trustworthy ought to be able to edit protected pages when the need arises, without the need for a full RfA. If the privilege is abused, it can be taken away. Rlendog (talk) 02:27, 20 February 2009 (UTC)Reply
51. Support And make it quite obtainable. Themfromspace (talk) 08:38, 20 February 2009 (UTC)Reply

Oppose

1. Oppose until this is a proper proposal and criteria are developed. Given the number of pages that are protected right now precisely because registered users mess around with them (especially templates), and how many pages are protected because of edit warring by registered users, I am not persuaded that this needs to be handed out "like rollback". Risker (talk) 04:33, 19 December 2008 (UTC)Reply

   I support the idea of knowing exactly what we're proposing before we get too excited, too, but I'd like to see how the conversation develops before we chisel it in stone. I oppose the idea of debating criteria; we'll only get it wrong. We have figured out the FAC criteria by taking it one article at a time, and the RfA criteria by taking it one candidate at a time. That seems to work best. - Dan Dank55 (send/receive) 05:01, 19 December 2008 (UTC)Reply

   Ah, well then. Rollback wasn't such a big deal because it can only really affect one page at a time. Editprotected access can affect thousands with one keystroke. I turn down nearly half of the editprotected requests I review because they aren't based on consensus or are otherwise improper. There's a reason why these pages are edit protected - to ensure sober second thought before they are modified. And since assessment of consensus is really something the community has decided is an admin task, I think this needs to remain in the admin-only toolkit. Risker (talk) 05:09, 19 December 2008 (UTC)Reply

2. Oppose This proposal is strange. The author mentions a German Wikipedia administrator, which needs adminship in order to edit spam blacklist. However this list in the MediaWiki namespace, editing of which requires 'editinterface' right. So granting this German administrator 'editprotected' right will not solve their problems. So I can not support this proposal, because it is unclear what is actually proposed? To grant some editors all three editprotected rights ('editprotected', 'editinterface' , and 'editusercssjs') or only some of them. What will be the process of granting and removing them? Ruslik (talk) 12:00, 19 December 2008 (UTC)Reply
3. Oppose No, most pages are protected for very good reasons, like system messages, templates, or edit warring among established editors. Expanding the number of people who could mess up such a situation, when there is no backlog in handling requests, is a bad idea. Even admins who are not experts in system messages or templates should use edit protected in such situations. MBisanz ^talk 15:14, 19 December 2008 (UTC)Reply

   I know I've waited longer than a week for some of my editprotected requests to be fulfilled. If there's not a backlog, then waiting that long suggests that not enough admins cover that area frequently enough. §hep • ¡Talk to me! 03:50, 21 December 2008 (UTC)Reply

   To expand a bit more the following cases show why this is a bad idea:

   • Editing MediaWiki pages like MediaWiki:Copyrightwarning can alter the legal release of content by editors corrupting the database with incompatible material.
   • Editing MediaWiki pages like MediaWiki:Common.js and MediaWiki:Common.css can alter the way the site functions for editors rendering it unusable.
   • Editing Template pages like Template:! and Template:Portal can trigger a cascade failure that would render the site uneditable or worse, rotate millions of vandal edits through high visibility pages like Main page.
   • Editing article pages like the Main page that are viewed by hundreds of thousands of users per second can dramatically impact the site's reputation and standing.
   • Editing code pages like User:MBisanz/monobook.js can trigger auto-log-out sequences that prevents a user, even an admin, from logging into the system.
   • Editing an image like File:LinkFA-star.png that is shown on thousands of articles and would trigger rolling vandalism even if quickly reverted.
   • Editing code pages like User:Animum/easyblock.js can trigger massblocks/deletes by administrators using the script, in effect hijacking an admin account.
   • And of course, giving someone the ability to edit a page to their version, can lead to wheel-wars, as best shown in Wikipedia:Requests for arbitration/Sarah Palin protection wheel war and Wikipedia:Requests for arbitration/IRC.

   For all these reasons, it seems to me that it is too dangerous to permit this splitting of rights. MBisanz ^talk 04:51, 23 December 2008 (UTC)Reply

   As I understand the code, giving only the 'editprotected' right would not allow most of those examples. Editing MediaWiki namespace pages needs the separate 'editinterface' right. Editing other users' css/js needs the separate 'editusercssjs' right. 'editprotected' also does not give permission to edit cascade-protected pages, which includes Template:!, Template:portal, and Main page; a good argument could be made on the basis of non-cascade-protected high-use templates. I don't know whether they could upload a new version of File:LinkFA-star.png or not, and that leaves edit warring that should immediately lose them the editprotected right. Anomie⚔ 05:51, 23 December 2008 (UTC)Reply

   Well my other point being that as long as we have backlogs at Category:Wikipedia semi-protected edit requests and Category:Requested edits, I do not see this as anything more than another status to symbol, to make little userboxes for, and give out barnstars for using, and create endless drama through misuse. I'm checking now that there are 3 edit protected requests that would fall within this program, one of which is an edit warring request that an admin should do and there are 3 semi protected reqs and 9 requested edits. MBisanz ^talk 10:06, 23 December 2008 (UTC)Reply

   This proposal suggests to me that a user who we might think—even a little—would cause uncontrollable harm wouldn't be givien this right. Those who can be trusted should be trusted, those we can't trust with editing protected pages wouldn't be given the right, even then most trusted editors probably wouldn't be given the right either. §hep • ¡Talk to me! 03:05, 29 December 2008 (UTC)Reply

4. Strong Oppose. This is not a tool that should be unbundled from adminship. I can see unstoppable edit wars and system message change abuse. Malinaccier (talk) 02:10, 20 December 2008 (UTC)Reply

   Why wouldn't we just block someone and remove the right if they abused it? If I protected a page to stop an edit war and one of the participants in that edit war violated WP:PROTECT using their specific user right, I would block them instantly and remove the right. It would be more clear cut than rollback abuse is already. Protonk (talk) 05:07, 20 December 2008 (UTC)Reply

5. Oppose - there are two many reasons things are protected for a one-size fits all solution. Articles protected due to edit wars != articles protected due to office actions != articles protected for BLP reasons != high-risk templates != the interface. --B (talk) 05:21, 20 December 2008 (UTC)Reply
6. The reasons for protection are varied, and as MBisanz mentions, sometimes even sysops don't know what the hell they're doing. The editors I trust to edit fully-protected templates or the interface are the same ones that are sysops, though; "trust" is key here.
   Now, that said, I suppose I could get behind a proposal that would allow key users (such as bots) to have the bit only to perform bot-type tasks (such as interwiki edits). But a whole new process? I'm not seeing much actual need here (whereas rollback had a bit more necessity to it). EVula // talk // ☯ // 06:55, 20 December 2008 (UTC)Reply
7. Oppose - The ability to edit protected pages is extraordinarily powerful. I don't think we should trust it to anyone who we wouldn't trust enough to be an admin. Is it really that difficult to just put the entries he wants added to the spam blacklist on another page and have an admin transfer them over? --ScWizard (talk) 07:56, 20 December 2008 (UTC)Reply
8. Oppose per the points mentioned by User:MBisanz, User:Malinaccier, User:EVula as well as User:Ruslik0. — Aitias // discussion 15:34, 20 December 2008 (UTC)Reply
9. Oppose Too risky. Editing protected pages should remain a right granted through RfA. PeterSymonds (talk) 15:44, 20 December 2008 (UTC)Reply
10. Oppose per the same reasons that MBisanz pointed out. –Juliancolton ^{Happy Holidays} 15:47, 20 December 2008 (UTC)Reply
11. Oppose - Per MBisanz and EVula. All of the editors I trust to edit those are admins. Xclamation point 23:40, 20 December 2008 (UTC)Reply
12. Oppose In one off circumstances like thsi the editor in question can be granted admin rights, otherwise no.193.120.116.186 (talk) 17:50, 21 December 2008 (UTC)Reply
13. Oppose creation of yet another separate usergroup with just one associated permission. You'd find my support more forthcoming for a 'trusted' usergroup, with or without that name. Happy‑melon 15:40, 22 December 2008 (UTC)Reply
14. Oppose Oppose, nobody is stopping this German editor to build credibility in the English Wikipedia project and then apply for English Wiki adminship. Editing cultures and language are (slightly) different over international projects, so carrying over admin powers without evidence the user qualifies in this project is potentially hazardous for stability here. Arnoutf (talk) 17:39, 22 December 2008 (UTC)Reply
15. Oppose - I honestly don't see the need for this. Users who work in the template space are welcome to either use editprotected for minor changes, or copy the template to their user space and work on it there, raising an editprotected request when their work is complete. Changes on protected articles can and should be discussed before implementation on the talkpage, even if the editor (or admin) can edit the protected page. I also don't see a long backlog of editprotected requests waiting to be actioned - they're usually done fairly promptly. All other issues aside, I don't see a use case that would be solved by having this mechanism that is not already catered for through the existing processes. Many thanks. Gazimoff 21:53, 22 December 2008 (UTC)Reply
16. Oppose rights creep, just not necessary, etc. --Hammersoft (talk) 02:33, 23 December 2008 (UTC)Reply
17. Oppose for many of the reasons above. Just not necessary is also a very compelling reason.-Djsasso (talk) 14:22, 23 December 2008 (UTC)Reply
18. Oppose Sorry, I'm generally in favor of adding safe rights to other groups, I however think that while needing to wait for an admin to patrol {{editprotected}} pages is a nuisance, this allows some serious double checking, and we have enough admins editing protected pages when they should not without adding more people. The vetting process would be so close to RfA that this is not useful. -- lucasbfr ^{ho ho ho} 10:58, 31 December 2008 (UTC)Reply
19. Oppose Since adminship is supposed to be "no big deal", giving it to anyone who needs to edit protected pages is the solution. -- Taku (talk) 02:12, 4 January 2009 (UTC)Reply
    Comment: Adminship maybe isn't a BIG deal, but its a bigger deal than that, imposes obligations on admins, requires them to have technical training, etc. Finell (Talk) 02:19, 10 January 2009 (UTC)Reply
20. Oppose I am opposed to new special member statuses in general. Wikipedia is already bureaucratic and complicated enough. However, if this special status is created, I will definitely apply for it. Finell (Talk) 02:19, 10 January 2009 (UTC)Reply
21. Oppose. Rollback is handed out pretty easily and I'm guessing this would be as well. Do you really want to allow a user who edits for too short a time to become an admin to be able to edit, for example, the main page or Template:fact at will? These things are protected because editing them can cause such huge mayhem to the project. This just isn't needed. Oren0 (talk) 21:39, 18 January 2009 (UTC)Reply
22. Oppose the risks resulting from misuse or even honest mistakes are huge. Pages which are fully protected could cause serious damage if edited inappropriately, and even if the edit in question was reverted very quickly the damage could be huge. If this was given out in a similar way to rollback I can see certain long-term vandals working their way up to the right and using it to stick their vandalism on every page in the site, with disasterous consequences. Even if the right is only given out to long-term, established editors editing protected pages does require judgement and should remain an administrative tool. Hut 8.5 21:58, 18 January 2009 (UTC)Reply
23. Oppose Per above opposers. I can't add anyhting that hasn't already been said.--Patton^t/c 23:47, 18 January 2009 (UTC)Reply
24. Oppose the proliferation of user-rights in general. In this specific case, a much stronger case would need to be made for me to consider it worthwhile. Eluchil404 (talk) 04:35, 19 January 2009 (UTC)Reply
25. Oppose I am all for unbundling the tools but the ability to edit the interface is perhaps the most sensitive ability of all and should definitly stay with admins. Icewedge (talk) 07:22, 19 January 2009 (UTC)Reply
26. Weak oppose Though the sysop bit has increasingly been identified with "dispute management" (I hardly consider it resolution anymore), and edit protected has nothing to do with maintaining managing disputes, the inability to stop editing is a crucial hardsecurity tool of administration. I can be convinced however.--Tznkai (talk) 13:51, 20 January 2009 (UTC)Reply

    Were someone to edit a page that they were not supposed to in bad faith, the tool would simply be removed. No harm done. — Jake Wartenberg 13:01, 21 January 2009 (UTC)Reply

27. Oppose I am not convinced that the benefits (which do not seem to be large) outweigh the problems of having a lot more editors able to edit protected pages. Davewild (talk) 08:02, 21 January 2009 (UTC)Reply
28. Oppose - see below. Crystal whacker (talk) 17:49, 21 January 2009 (UTC)Reply
29. Oppose - The risks outweigh the potential gains. — neuro^(talk) 23:04, 22 January 2009 (UTC)Reply
30. No point. This wouldn't have helped anything, as you'd need "editinterface" permission to edit the spam-blacklist. Stifle (talk) 09:42, 23 January 2009 (UTC)Reply
31. Oppose Per Happy‑melon (#Some thoughts) and Crystal whacker (#Rollbackers who have had the permission involuntarily removed). Clearly, forget about 'editinterface' and 'edituserjscss', those are way too powerful and would be critical security risks. RFA is a minimum to be trusted with those rights, and I'd even support an additional security for highest risk pages. 'Editprotected' cannot be used on cascade-protected templates, which removes most of its interest (DYK, high-use templates), though also decreases the security risk in giving it out. Aside from editing templates, there is no real use for it: maybe cleaning up categories and templates in protected pages (essentially redirects and talk pages of blocked users), but it's not vital and an adminbot can take care of that. Sometimes a user will regularly edit a template specifically, or a type of templates, I agree it's an annoyance to have to make editprotected requests. But an approval process would still be very close to RFA and such added bureaucracy is undesirable. Cenarium (Talk) 16:19, 23 January 2009 (UTC)Reply
32. Oppose This one request is not enough for a general policy change. If we were talking about the ideal way for editing templates, and did not object to additional layers of complexity, it should be a small group of specialists, which would probably not contain most administrators. But as it is, the system works well enough, and I would strongly object to adding additional complications to user rights, especially as we are probably about to add a class for sighted articles. Not another at about the same time!! DGG (talk) 15:15, 28 January 2009 (UTC)Reply

    We will also be adding a class for the abuse filter. It's your worst nightmare... — Jake Wartenberg 15:34, 28 January 2009 (UTC)Reply

33. Oppose, this is not like rollback. The amount of harm rollback can do is very limited in scope, and indeed its same function can be accomplished (if less efficiently) through automated tools. Editprotected is not like that at all. An edit that is malicious, or even in good faith but done poorly, can cause damage to thousands of pages on the types of templates we normally protect. An ongoing edit war should be stopped by the temporary protection of the page. I don't think the potential benefits outweigh the potential problems here. Seraphimblade ^{Talk to me} 04:00, 4 February 2009 (UTC)Reply
34. Oppose We have adminship as a process of assuring trust for a reason. This is one of them. Changing that is a bad idea. Steven Walling (talk) 08:36, 13 February 2009 (UTC)Reply
35. Oppose Essentially agree with points raised above by MBisanz (talk · contribs) and EVula (talk · contribs), among others. Cirt (talk) 07:32, 16 February 2009 (UTC)Reply
36. Oppose - MBisanz is right, this is way too dangerous. If a malicious user gets hold of this, a lot of things could happen. Let me expand on MBisanz's list: Editing Mediawiki:Common.js to include said auto-logout script would render the site unusable for all registered users, and would in fact require a one of the system administrators to come and fix. Quite how many times they'd be willing to do that, I have no idea, but I can guess that it won't be many. You also say that users who abuse this right will have the right removed - well it could be too late by then. I fear that this sort of thing will be a regular occurrence if this right is implemented. Also, looking at the essay below, Happy-melon points out that the reasons behind this are to allow specific users the editinterface right, which is a *massive* security risk. The rest of the proposal seems to state an intent to allow users to edit high-profile templates, but again, as pointed out, this would be impossible without splitting off more access. Unless the user is vetted to the same level as normal adminship, I can't support this at this time. If this level of vetting is chosen though, I probably still wouldn't support as they've passed the vetting for the full set, so why not give them the full set? Stwalkerster [ talk ] 10:24, 16 February 2009 (UTC)Reply

    Can't you just disable browser javascript and log back in? I doubt that it would be only fixable by a sysadmin. Alexfusco⁵ 15:33, 16 February 2009 (UTC)Reply

37. Oppose - High risk for very small benefit. Garion96 (talk) 10:58, 16 February 2009 (UTC)Reply
38. Oppose There is no need (one RFA was about that of who knows how many) and it's like the WP:PEREN about splitting the tools. I might support a similar feature (that needs coding though) to allow certain users to edit a single page, i.e. if you could add them as exceptions to the protection. Citing the reason for this proposal, I'd rather propose a different approach: Let's create an adminbot that has a page where admins can add certain usernames and the pages they can edit. Then allow those users to create a subpage in their userspace containing a changed version of the page they want to edit and the bot will do those edits if they are on the list. So they would be limited to changing (indirectly) only those pages they are allowed to, none more. But as I said above, that would probably be a good feature request instead. Regards SoWhy 11:24, 16 February 2009 (UTC)Reply
39. Oppose: If we can't trust the user with all the tools, we certainly can't trust them with editinterface. One of the few tools that can actually damage the wiki, given to the wrong person. It's simply not safe until every single message is safe in XHTML (see bug 212). ^demon^{[omg plz]} 04:00, 18 February 2009 (UTC)Reply
40. Too much potential for harm. I can imagine dozens of situations in which having this granted can cause serious damage; some of which has already been mentioned. Also, like others have said, if you can be this trusted, you'd be an admin already. Synergy 06:49, 18 February 2009 (UTC)Reply
41. Oppose. Are we having an issue with editprotected requests being filled in a timely manner? Many times, articles are protected due to instability, not just vandalism, and I don't think it wise to increase the pool of users who can edit those protected articles without some type of safeguards (like going through RfA). Otherwise, I see protection becoming worthless when not used to combat vandalism. Karanacs (talk) 19:40, 19 February 2009 (UTC)Reply

Neutral

1. Neutral This sounds like a good idea but it could have a fairly limited use.

   It would be a good idea to clarify either now or at a later stage exactly what permissions would be included in this, as I've noticed a number of people above have made their comments with the assumption that, for example, editing the interface would be possible with this access level. Here are my thoughts on the permissions that could possibly be included:

   • Editing the interface: Some system messages only apply in a small number of situations, but others, such as MediaWiki:Common.js apply all the time. Common.js worries me especially since if someone accidental or deliberately (hopefully not the latter) introduced a security hole into the code, it could compromise accounts. This sort of damage could not be entirely fixed by simply reverting the page, so a higher level of trust would be required to be able to edit the page. For this reason, I would oppose allowing the interface to be edited.
   • Editing users' .css and .js subpages: While most of these pages provide scripts for one user, there are some pages such as User:Lupin/popups.js and User:AzaToth/twinkle.js which host javascript tools used by many users. For similar reasons as before, mistakes in editing these could compromise security.
   • Editing cascade-protected pages: I think that users with edit-protected should not have this right, the main reason being that it would give them the ability to transclude other pages in a cascade-protected page which effectively gives them the ability to protect any page they want, which is not an ability which is being proposed here. Additionally, preventing edit-protected users from editing cascade-protected pages would give the option of giving extremely high risk templates such as {{!}} and {{tl}} additional security to ensure that they can only be edited by administrators.
   • Moving pages and uploading images when the page/image is protected: Both of these should be fine to be included.

   Unfortunately, this means that the edit-protected right could not be used for editing pages such as the spam blacklist or parts of the main page, which narrows down its usefulness. I think this permission would therefore be useful for people who want to edit high usage templates, perform minor edits to articles protected for edit warring or make maintenance edits to pages protected for other reasons.

   It would be important to have some level of trust in the users receiving this right, more so than with rollback. What we want to avoid is breaking templates, editing protected pages where you're involved in a content dispute, editing WP:OFFICE protected pages where there could be legal issues at stake and introducing security flaws into the user scripts that aren't stored in user space.

   This means that when we give out this right, we need to look for people who understand the protection policy, whether it's appropriate for them to edit a page, whether an edit is minor or not, whether they're involved in a content dispute or not, and (if they plan on editing in these areas) they need to be able to understand and be able to test template code and javascript to ensure they don't break anything.

   However, as others have pointed out, if they're trustworthy and experienced enough to do all this, they might as well be an administrator. I think there may be a few people who could benefit from this right but perhaps don't have skills in other areas (e.g. blocking, deleting etc) that would make them suitable for adminship. The question is how many people would this apply to? I think adding this group would create another level of bureaucracy but it would only be worth it if enough people could use this right. Tra (Talk) 00:44, 24 December 2008 (UTC)Reply

• The problem with this is that there's a bunch of us who never wants to go through the RfA process (or never want to go through it again). For example, I have no interest in banning users, changing the protection level of pages (other perhaps than protect some), performing deletions. I have 0 3RR violations, and extensive experience writing templates and whatnots. However, no matter how clear I would make it that I have no interest in deletion, blocking, etc..., if I were to go through an RfA right now, I would be shot down because I'm not fighting vandalism, not being involved in much deletions discussion, and not being involved in "mod-like activities". Then I'll have someone who's not happy with the way I dealt with some things gang up on me with a bunch of his friends. Then someone will bring a mistake I made and not care that I've fixed it about 0.2 seconds after I've been notified of it. Then someone will say "if you only want to edit protected pages then use the {{editprotected}} template". Then Kurt will accuse me of beeing a power-hungry freak because I nominated myself... No sir, I'm not going through that crap again.
  
• This is not unecessary bureaucracy, this is having an efficient bureaucracy than can cut through the crap. There are editors out there who are more than willing to overhaul and maintain templates, do uncontroversial work on protected pages, support wikiprojects, etc, who would GREATLY benefit from being able to edit protected pages. It's not like we don't appreciating the need for sandbox testing templates like {{fact}} first, but the need to be able to quickly modify templates like {{astronomy}} rather than wait days is also something that needs to be acknowledge. And right now, the RfA process is stopping these editors from improving wikipedia because of irrelevant issues like lack of vandal fighting or because they aren't masochistic. Obviously we shouldn't give editprotected rights , or give the rights to edit cascade protected pages as liberally we're given away rollback rights. But it's not hard to see who doesn't revert war (granting them mainspace/wikispace/category editing rights as required and appropriated), and who are the experienced template writers (for editing template space). Headbomb {^ταλκ_{κοντριβς} – WP Physics} 09:13, 16 February 2009 (UTC)Reply

• I advise you to read what Happy-melon wrote below. By the way, Kurt retired several months ago. Ruslik (talk) 10:21, 16 February 2009 (UTC)Reply

1.   Neutral It does not seem nesacary, but whn you say "RFC," do you mean "RFP?" RFC makes no sense but RFP does as that's where rollback and AWB permission is given.--Ipatrol (talk) 00:56, 19 January 2009 (UTC)Reply

New individual access level: editprotected proposal 1: namespace-specific editprotected access

Proposal 1 A set of new access categories, similar to rollbacker or accountcreator, each of which grants editprotected rights to a particular namespace, such as Template:, and nothing else. This would require a software change. Who could give this permission and under what circumstances would be discussed at a later RfC, probably bureaucrats either on their own authority or through a lightweight RFC, but possibly administrators.

Discussion

I don't understand why we would want to do this. I can understand why someone who just fixes typos and knows nothing of deletion could be given the right to edit protected articles but might not be given the whole set of tools; but why split this by namespace? Can the supporters give an example scenario where we would trust someone to edit in one namespace but not another? ϢereSpielChequers 11:52, 19 December 2008 (UTC)Reply

Editing a protected page in the main namespace can at worst hurt only that page. Editing a protected template could hurt millions of pages. --Pascal666 (talk) 21:04, 19 December 2008 (UTC)Reply

Fair point, but IMHO corrupting a template is likely to be blatant vandalism or gross stupidity, a mistake whilst potential POV pushers are harder to screen out, (I've even heard of admins POV pushing). ϢereSpielChequers 10:15, 20 December 2008 (UTC)Reply

I would have to strongly disagree with the first part of your statement. Making mistakes is part of being human. I have corrupted several templates in my time on Wikipedia, both by editing them directly and via {{EditProtected}}. The big difference between the two is that when I make the edits directly I can revert them immediately if I screw up. If I use {{EditProtected}} I have to use it again to fix the problem and the error stays in place until someone else bothers to come around and fix it (see Template_talk:Test2del for an example). --Pascal666 (talk) 13:11, 20 December 2008 (UTC)Reply

Good point, on reflection I've rephrased that. To err is human and mistakes will happen regardless, my belief is that once we've screened out the obvious vandals we are more at risk of those we trust indulging their POVs than having them go rogue and commit blatant vandalism. Hence my suspicion that the greater damage done by corrupting a template is balanced by the greater risk of a trusted editor letting their prejudices influence their edits. ϢereSpielChequers 12:55, 21 December 2008 (UTC)Reply

Support

1. I suppose I'll be the only one supporting this... what can I say, I like lost causes. The reason I think this is a good idea is that templates can be incredibly finicky, it's easy to completely screw them up with something as simple as substituting a \ for a | (missing the shift keystroke). Mistakes like that are not always noticeable until you've saved the page and suddenly there's a mob banging down your door because you broke {{!}}. This is why protected edits to high risk templates are usually handled by admins experienced in that field so they can ascertain what effect the proposed edit will have. It's not that I think that someone trusted by the community would intentionally corrupt a template, my concern is that they make a little mistake and suddenly thousands of pages have a corrupted template. If the editor doesn't notice, it will more likely than not take a lot of time and work to track down the culprit. Splitting up the right by namespaces may add a layer of bureaucracy, but I believe the benefit outweighs the risk.

Oppose

1. Oppose too beaucratic... too many areas that would have to be coded. If we trust them to work in protected areas, we trust them to work in protected areas.---Balloonman ^PoppaBalloon 02:42, 19 December 2008 (UTC)Reply
2. Oppose. If you want to kill off any good that this might do quick, force the community to have to grant separate access every time they find a new area they'd like to edit in. No. - Dan Dank55 (send/receive) 02:47, 19 December 2008 (UTC)Reply
3. Oppose. The arguments above make too much sense. Malinaccier (talk) 02:09, 20 December 2008 (UTC)Reply
4. Oppose. Though I understand the logic behind this option, if you can't trust someone to police themselves you should not be trusting them to edit protected pages in the first place. --Pascal666 (talk) 13:11, 20 December 2008 (UTC)Reply
5. Oppose. The only namespace I think this makes sense in is Template, and that namespace has way too many high risk pages. Oren0 (talk) 21:41, 18 January 2009 (UTC)Reply
6. Oppose - Essentially agree with points raised above by Balloonman (talk · contribs) and Oren0 (talk · contribs). Cirt (talk) 07:33, 16 February 2009 (UTC)Reply

Neutral

Catch-all proposal: leave things as-is

If you are opposed to both and did not mark opposed above, sign here, with comments:

Opposed to both

1. Users either have the trust of the community to become admins, or they don't. There does not appear to be anything gained by doleing out the tools individually. There is no need to give a mop to some users, a bucket to others, a sponge to others, that little knife to clean the gum to yet others, etc. etc. If a user needs the access, let them apply for adminship. --Jayron32.talk.contribs 00:20, 19 December 2008 (UTC)Reply

   Say you own a car wash, and you get 100 cars a day. Would you rather hire 10 people who can each do 1 job each, or 1 person, who can do 10 jobs, to wash all your cars? --Izno (talk) 02:49, 19 December 2008 (UTC)Reply

2. There's no reason for this. The proposal is supposed to reduce the workload on admins, but editing protected pages does not create a significant workload in the same way blocking/protection/deletion do. Its unlikely it'll have a significant effect. The amount of possible damage, from accidental screwups, or on purpose, while not major (unless it is expanded to include the pages in the MediaWiki namespace) is significant. The "car wash" analogy above fails, as we don't have 10 protected edit requests every day for each admin. We have maybe a handful per day and a thousand active admins. Mr.Z-man 03:22, 19 December 2008 (UTC)Reply

   The proposal has the benefit of reducing the workload for administrators, but that's not the only reason. As for the workload, I propose the same analogy above as before, except we can reduce it down to, if you want, 2 jobs by 1 person or 1 job each for 2 people. I'd personally take the latter. The original was more of a defense of making separate groups in general, to which Jayron was arguing, which is why I found it appropriate.
   As for editprotected, a good many of the times I've seen {{editprotected}}, it's either been a straight copy-paste of the request which is then edited in, a request to make it that easy by the protected-editor, or a turn-down because the code that needed to be pasted was wrong. All of these take time, and they would take less time if there were more people to do them. If the person screws up, they can be reverted; if they have a history of it, they can have their right removed, just as rollbacker is.
   For instance, I had a case where I asked for a completely uncontroversial editprotected and it sat in the queue for three days. While there's no deadline, that's still a little bit less stress for me and a little bit less stress for the admin who needs to edit. While anecdotal data is anecdotal, it's just one case where me-being-to-edit the template straight up would have been faster for all. --Izno (talk) 03:47, 19 December 2008 (UTC)Reply

   The analogy still doesn't make much sense. A better analogy would be this: Say you run a manufacturing plant. The plant makes 5 distinct parts. On an average day, you need to make 5000 of part A (deletion), 500 part B (blocking), 250 part C (protection), 50 part D (granting rollbacker/accountcreator), and 5 part E (editprotected). Every employee is currently trained in making every part. Why would you feel the need to hire several dozen more employees who only know how to make part E? Mr.Z-man 22:31, 19 December 2008 (UTC)Reply

   That analogy has major holes in it. You are assuming that everybody is trained on all aspects of the project, this is flatly not true. There are areas that I won't touch with a ten foot pole. There are areas that you never work in. So while I may have the technical ability to work in edit protected areas, I am not about to go modify the spam list or templates. Similarly, I feel comfortable when blocking somebody for vandalism, but that doesn't mean I feel comfortable blocking somebody for a username violation. A better comparison would be, the medical profession where you have medical professionals and each has assigned duties. You have some medical professionals who are fully qualified to perform certain medical procedures, but don't have the "doctor" label in front of them (and the procedure is not one that requires a doctor.) Do you allow them to do it?---Balloonman ^PoppaBalloon 22:53, 19 December 2008 (UTC)Reply

   Hence why I generalized the tasks. Not everyone can do everything, but everyone can do most things. Do you know how to edit an article? If so, you can probably do 5-10% of protected edit requests. I actually said on my RFA that I would do protected edit requests on templates and such. I'm fairly good at template coding. Do I do protected edit requests? No, because its boring as hell. An admin could probably knock out the current list at WP:PER in one sitting, but nobody does it because its so boring. The problem isn't lack of admins, its lack of interest. People (like myself back in June '07) think "oh, that sounds like an interesting area I can help in" then they do it for a week, get tired of reading through page after page of threaded discussion to see if there's consensus or trying to determine if a change is going to break a template, or if it should get consensus first. If we do this, the same problem is going to happen. It'll be popular for a while while its still a novelty, all the admin wannabes will get it and do a couple requests for an extra gold star on their RFA, then they'll forget all about it. This won't reduce any admin workload substantially, it may not even reduce the CAT:PER backlog. If we're going to add a new process, why not just one to streamline the protected edit requests, make it easier for admins to process them, and maybe people will actually be interested. Mr.Z-man 04:21, 20 December 2008 (UTC)Reply

   If a user gets "tired" with helping with the requests and becomes inactive in the area they can have the right removed similar to ACC. §hep • ¡Talk to me! 03:06, 29 December 2008 (UTC)Reply

   Why? The problem isn't that it creates some sort of massive security risk by having the right (though ACC doesn't either, people are just paranoid for whatever reason), I just think this is a solution looking for a problem, or at best, a bad solution to a minor problem. Mr.Z-man 03:17, 29 December 2008 (UTC)Reply

   The problem is that currently around 1/2 of the requests haven't been visited by an admin; some sitting stale for a week. But, my opinion is bound to not change anything so I'll shutup now. §hep • ¡Talk to me! 03:27, 29 December 2008 (UTC)Reply

3. If you want to edit protected pages then go through RfA. I oppose any and all proposals to hand out administrator rights to non-admins; this one is no exception. - Rjd0060 (talk) 03:25, 19 December 2008 (UTC)Reply

   May I ask why? - Dan Dank55 (send/receive) 04:38, 19 December 2008 (UTC)Reply

   Because trust is a simple thing. Either I trust somebody or I don't. I don't trust them with some administrative user rights and not others. - Rjd0060 (talk) 04:45, 19 December 2008 (UTC)Reply

   Good point, thanks. - Dan Dank55 (send/receive) 04:47, 19 December 2008 (UTC)Reply

   But the reality of the situation is that there are a number of users who come to RfA, who are niche editors. They have their area where they like to work, and have solid contributions there. They have a legit need for tools (usually this one) but the only way they can get those tools is via an RfA. Unfortunately, because these editors are niche editors, they don't have the broad exposure that is expected for Admins, and thus fail in their RfA attempt. Plus, I like the point that somebody else made, once we grant the bit to somebody, it is almost impossible to get it back. If we gave some of the tools out piecemeal, then we can easily take them back when abuse occurs. A person who gets blocked for violating 3RR is not the type of person we'd give the tools too, but lets say somebody with this ability did violate 3RR. Then that person would loose the ability to edit protected articles AND could probably kiss any hope of becoming an admin goodbye---for a long time.---Balloonman ^PoppaBalloon 15:10, 19 December 2008 (UTC)Reply

4. Oppose - Sarah Palin. BJ^Talk 03:37, 19 December 2008 (UTC)Reply

   If a user who has "editprotected" rights edits Sarah Palin when it's locked, then we de-whatever them, and just think of how much time we've saved that user from pursuing adminship when it never would have worked, and how much trouble we've saved ourselves compared with what would happen if they did get the mop. - Dan Dank55 (send/receive) 04:38, 19 December 2008 (UTC)Reply

5. Strong Oppose. What is wrong with {{editprotected}}? Is there any reason this doesn't work well? Protection is often applied to force the formation of consensus. If we should get two editprotectors edit warring, protection's not going to do anything and will only make situations worse when we have to come in and remove the right. It's extra bureaucracy, and unnecessary. Rollback is useful and not particularly dangerous; account creator is useful and harmless; IP Exempt is an occasional necessity, but potentially dangerous. This, I don't see the need for, and could be potentially more harm than good. Hersfold ^(t/a/c) 17:24, 20 January 2009 (UTC)Reply

Voting is evil

If you think voting is evil:

Voting is evil

General comments

Put general comments, including how you think permissions should be handed out, here.

Comments

• Where's the "polls are evil" option? There MUST be a Polls Are Evil option, otherwise this poll is incomplete and therefore invalid! Majorly ^talk 23:46, 18 December 2008 (UTC)Reply
  • Happy now, Majorly? Xclamation point 01:02, 19 December 2008 (UTC)Reply
• General question: Editprotected means "edit only created pages which are protected" or "edit all pages protected, created or otherwise"? I'm asking this with regard to salted pages moreso, but conversely, this also applies to the default mediawiki messages, which are also considered to be "salted" by the software. One or the other? Both? --Izno (talk) 00:00, 19 December 2008 (UTC)Reply
• A technical point: Pages in the Mediawiki: namespace aren't protected in the same way that George W. Bush is. Rather, the software restricts who can edit them. I don't know if the ability to edit protected pages and the ability to edit Mediawiki: pages are the same thing. --Carnildo (talk) 01:24, 19 December 2008 (UTC)Reply

  Good point--so, this proposal wouldn't be applicable to the current RfA? Also, I've another question. Can you give the ability to, say, edit a protected page without giving the ability to change protection level? Lazulilasher (talk) 02:54, 19 December 2008 (UTC)Reply

  It's my understanding that being allowed to edit the MediaWiki namespace requires the editinterface right, while editing protected pages (but not changing the level of protection) is allowed through the editprotected right. Administrators have both rights, so they can, on a technical level, edit any page. I believe that giving the editprotected right alone would allow this group to edit protected pages, but not MediaWiki-namespace pages. Correct me if I'm wrong, please. :) {{Nihiltres|talk|log}} 03:13, 19 December 2008 (UTC)Reply

  Mostly :) Admins don't have the 'editprotected' right, rather, they can edit protected pages because the highest protection level is 'sysop.' If for some reason we created a "bureaucrat only" protection level, admins couldn't edit pages protected to that level, but anyone with the 'editprotected' right (currently no one, except perhaps a global group like stewards or staff) could still edit it. The editprotected right does not give the right to edit the interface pages (editinterface), user CSS/JS subpages (editusercssjs), or pages protected with cascading protection set. Mr.Z-man 03:34, 19 December 2008 (UTC)Reply

  Ah, ok. I see, that makes sense and has taught me something that I didn't know. So, would it be possible to give the ability to edit "sysop" protected pages to someone who did not have the rest of the "sysop" package? In other words, would the editor currently at RfA be able to receive that right without the package (assuming the rights were unbundled)? If so, I could see myself supporting the proposal for such specialist candidates. Lazulilasher (talk) 03:42, 19 December 2008 (UTC)Reply

  Admins actually have 'protect' right, which allows them both to edit protected pages and change protections levels. 'editprotected' is a light version of 'protect'. It allows only editing of protected pages, and is not currently used on en.wiki. See this. Ruslik (talk) 12:14, 19 December 2008 (UTC)Reply

  Would someone better-informed please then update {{User access levels}}? It currently suggests that editprotected is the way that admins edit protected pages. (My guess is that it should perhaps also point to Special:Listgrouprights) Mr.Z-man, thanks for mentioning also editusercssjs which I knew about but forgot to mention. {{Nihiltres|talk|log}} 16:26, 20 December 2008 (UTC)Reply

• I predict that if we did unbundle edit:Protected from the rest of the mop there would be an increase in the number of protected articles, possibly to the point that any article that is frequently viewed would become protected. To me that would be a healthy sign of Wikipedia growing up and moving from its initial growth phase to a more mature phase of consolidating and raising standards, with the vandals steered towards the less commonly viewed but frequently vandalised articles where they can be more easily patrolled and hopefully do least harm. But I'd be interested if anyone can see a downside to such an increase in protection. ϢereSpielChequers 12:22, 19 December 2008 (UTC)Reply

  I assure you the authors of millions of the project's contributions can see a downside to an increase in protection, but none of them are wasting their time commenting here -- Gurch (talk) 02:12, 20 December 2008 (UTC)Reply

  • WSC, I think you are missing the point of unbundling edit protected. It isn't to lock down major articles, which goes against the anyone can edit core policy, but rather to allow niche users who would otherwise fail an RfA to make useful edits with templates or the Spam Blacklist, for example. NW's Public Sock (talk) 15:19, 19 December 2008 (UTC)Reply
    • To Clarify, I support the proposal but predict that an unintended consequence of more editors being able to edit protected pages is that consensus will shift, and more pages will be protected. Hence this thread is in the comment section. ϢereSpielChequers 15:36, 19 December 2008 (UTC)Reply

Giving and removing this tool

• As for how this should be handed out, I suggest similar to Rollback, admins should be able to give this tool to those who make a reasonable request, and just as importantly be able to take it away from those who've misused it. ϢereSpielChequers 12:22, 19 December 2008 (UTC)Reply
  • Absolutely not, someone could screw up thousands of pages, either accidentally or intentionally, with bad template code. Or they can start a huge drama clusterfuck by editing a page under dispute. With rollback, the damage from one instance of misuse is minimal. With this it could be major. We couldn't use the "easy come, easy go" system here. Besides the fact that rollback is already moving away from it (WP:RFR now requires a demonstrated need for rollback), 1 instance of misuse could be one too many. Mr.Z-man 03:50, 20 December 2008 (UTC)Reply
    • @WereSpielChequers. Any bad account can work towards rollback, acc, etc. Removal of rollback from vandals is not common, but it does happen. Rollback is, however, relatively inconsequential in comparison. Anyone who screws with {{!}} on its own will break the site, let alone other pages as well... PeterSymonds (talk) 15:52, 20 December 2008 (UTC)Reply
      • I envision that this group will only really have to be given out to a few users, those that work in templates or blacklists for example. I recommend that no fewer than three admins have to verify a requestees work. A requestee must have shown consistent need for the tool over a period of not shorter than two months. Also, this right should be removed after two months of inactivity
      • Sound good? NuclearWarfare ^{contact me}_{My work} 20:57, 22 December 2008 (UTC)Reply

Go to WP:ERRORS any day of the week and there's a half dozen editors who sit there pointing out errors. Sometimes an admin won't come by and fix them for a few hours, and sometimes with the high-turnover templates like DYK they don't get fixed at all. But because of a hypothetical concern that somebody might edit {{!}} and cause a mess, we allow literally millions of readers to see errors on the main page. Of course, the real concern is not about the readers of the encyclopedia. If it were, it'd be an absolute no-brainer granting this to trusted users for the sake of our readers. (And zapping like an electric fence for a single instance of misuse. Give editors the rope to hang themselves. If they want to commit Wikicide for a single +editprotected prank then let's use that as a helpful filter.) So what is the real issue? Well, the real effect of implementing this is that it will diminish the gap between editors and admins. It would destroy our system of binary trust (that'd be a good thing to destroy). Binary trust: Admins are to be as exalted wikigod--trusted forever and always and unconditionally and only ArbCom can change it. Axiomatically: Adminship=trust ∴ !adminship=!trust. Zzzzz indeed. Let's make the encyclopedia better instead of play powergames and get on with debundling. --JayHenry (t) 07:28, 23 December 2008 (UTC)Reply

Enabling 'editprotected' for some editors will not give them access to the main page or DYK, because they are cascade protected. Ruslik (talk) 08:01, 23 December 2008 (UTC)Reply

That sounds like a technical detail that could easily be tweaked if the community wanted the change. Even if not the substance of my point remains. It's unhealthy to treat trust as a binary attribute--present in admins; absent in others--as we're seeing here.--JayHenry (t) 00:36, 24 December 2008 (UTC)Reply

No, it cannot be helped. That would be a huge escalation of privileges: users could exploit this to cascade-protect any and a massive number of pages by transcluding them. Cenarium (Talk) 14:45, 23 January 2009 (UTC)Reply

I believe if this goes through it will leave the administrative rights to barley nothing(Viewing deleted pages,Deleting Pages, and Changing Some Account Rights.) So if this does go through, should administrative rights be broken up into several separate rights.Hereford 23:27, 18 January 2009 (UTC)Reply

• I'm sure sure about the technicalities of all of this but if this or any similar proposal was to get off the ground, it would have to include creating another protection level between semi-protection and full protection. — Blue-Haired Lawyer 19:52, 21 January 2009 (UTC)Reply
• Will some one with theses privlages be able to protected pages from WP:RPP?HereFord 20:14, 30 January 2009 (UTC)Reply

Some comments about this poll and the poll that brought us WP:ROLLBACK

We can all (almost) agree that introducing rollback to non-admins was an almost unmitigated success. It was a specific tool allotted to administrators by the code but not intrinsically related to their functions as trusted members of the community. In its time, the proposal was perennially rejected until some force came behind it. There are some big differences between expanding edit protected to non-admins and allowing rollback use by non-admins, namely when Wikipedia:Non-administrator rollback reached consensus there was a clear and obvious need for non-admins to have rollback. However there are some strong commonalities. Non-admins didn't actually need rollback (Twinkle and other tools could simulate it). Fears about edit wars and dilution of trust abounded. I think (not to invoke the policy version of WP:WAX) that we could benefit from looking at the straw poll which brought us rollback: Wikipedia:Non-administrator_rollback/Poll, specifically the oppose section. The guideline passed ~300 to 140 (a narrow margin as far as consensus goes). The primary oppose reasons were that it created a new class of users, it would create unstoppable edit wars, it was redundant to existing tools, and that tools shouldn't be unbundled from RfA. Let's think about how successful rollback has been and how fearful we were of it then when deciding how to treat this proposal. Protonk (talk) 23:54, 22 December 2008 (UTC)Reply

The next step

Well, there is rather significant support for this proposal. There is also a significant minority that oppose this move with concerns. I think that the next step would be a formal Requests for Comment on this. (perhaps get a notice put into the editnotice bar as well.) I would say this. In normal discussions that have as many opinions as this one does, 70% could generally be considered consensus. However, as the person who closed this discussion noted, we want to be leery of WP:RAMROD as well. So more discussion would be useful, but I think it's outgrown the Village pump and needs as wide attention as possible. That is why I recommended that the close be undone, and I'm recommending a formal RfC be the next step) SirFozzie (talk) 16:11, 3 January 2009 (UTC)Reply

I mis-counted, support is closer to 60%. I'd have to carefully look at the objections and see if they can be addressed en mass to bump that number way up before or as part of an RFC. Leaving 35-45% of the people "on the outs" is anti-consensus. davidwr/(talk)/(contribs)/(e-mail) 20:00, 3 January 2009 (UTC)Reply

Definitely warrants a project page. Move/archive discussion to there. ♦ I strongly suggest, instead of framing the discussion in terms of "support" and "oppose", that it be framed in terms of WP:NPOV. Give the proposal and its rationale. Also try to fairly and completely summarize and document all of the opposing reasons. Identify counter-arguments and counter-count-arguments, etc. Don't put it in terms of "Objections"; put it in terms of "Community dynamics". Refactor the project page mercilessly, updating it as new ideas are revealed. Keep discussion on the talk page. Polarizing proposals into support/oppose creates false dichotomies, acts as a barrier to discussion between disagreeing parties, and impedes consensus. Work towards mutual understanding and acceptance, not a majority vote. —DragonHawk (talk|hist) 20:54, 4 January 2009 (UTC)Reply

This is sound and sage advice. Protonk (talk) 05:19, 7 January 2009 (UTC)Reply

Some thoughts

Latest comment: 15 years ago2 comments2 people in discussion

A few clarifications and corrections of where the proposal is factually incorrect, drifting onto a general analysis.

Bureaucrats have no directly-assigned permissions related to page protection or protected page editing. Their permissions are entirely related to user rights and Special:RenameUser. The bureaucrats of en.wiki all have the ability to protect and edit protected pages for the simple reason that they are all also administrators, indeed the RfA/RfB process effectively guarrantees that this is so.

Secondly, I believe there is significant confusion over what permissions allow what actions. The core MediaWiki software recognises a number of permissions related to page protection and protected edits, and extensions can define other permissions. The main permission is protect, which grants access both to protect and unprotect pages, and to edit pages that have been protected. It is not possible to separate these abilities without changes to the MediaWiki software, and rightly so.

There is also a new permission, editprotected, which conveys only the ability to edit protected pages. It does not convey the ability to edit cascade pages, and it will never be possible to do so, as it represents a privilege escalation vulnerability. If a user edits a cascade-protected page and makes it transclude an unprotected page, then that unprotected page becomes protected, even though the user does not have the protect permission. When cascading protection was first introduced, it was possible to cascade semi-protection as well as full protection: the situation is exactly the same, with all autoconfirmed users able to effectively semi-protect pages just by transcluding them onto pages that were cascade semi-protected. Cascading semi-protection was very quickly disabled.

So it is not acceptable to have users with the permission to edit cascade-protected pages, but not to set that protection. Editing cascade-protected pages must require the full protect permission. But that leaves the proposal, to effectively 'unbundle editprotected' from 'sysop', in tatters. Cascading protection is used widely as a 'safety net' to ensure that pages (particularly templates) that should be protected, stay protected. Pages such as User:Cenarium/Protected templates (there are numerous others) are cascade-protected, and transclude popular templates that should never be unprotected. That way when vulnerabilities are accidentally introduced, where the template is made to transclude unprotected templates or images, there is still no potential for abuse. The majority of fully-protected templates are further secured in this fashion. Non-admins would still not be able to edit these pages; at best, it creates a 'middle ground' where the editors are able to edit some protected templates, but with many still unavailable. This destroys the appeal of an 'editprotected' group to users who are primarily template editors, as the most important templates remain outside their grasp.

To edit other users' .css and .js files, the editusercssjs permission is required. Once again, this permission cannot be safely separated from other powerful permissions as it represents a security vulnerability. It is possible to write javascript functions to block arbitrary users, delete arbitrary articles, or (ironically) unprotect arbitrary pages. By editing an administrator's .js files, it is possible to cause them to inadvertantly perform any number of such actions as soon as they log in to their account, a huge privilege escalation.

To edit the MediaWiki interface, the editinterface permission is needed. Obviously since this gives access to the site javascript in MediaWiki:Common.js, this represents an even more serious security risk. While such vandalism might be reverted very rapidly, the probability of an admin making an on-wiki action (which could be as simple as loading a page) while the malicious code is in place is very high. Even more dangerously, several obscure system messages support raw HTML including javascript handlers, so with some thought malicious code could be inserted even more discreetly. There are other powerful abuse vectors through the MediaWiki interface that could cause equal disruption, which I won't elaborate on, although I can discuss them privately if you are interested (and in good standing).

In short, then, all of the edit-protected-content permissions have vectors for very serious potential abuse. We are all aware of how damaging a rogue admin account can be, that's a situation we're prepared for both in cure (rapid steward response times) and prevention (thorough vetting through RfA). Although those processes aren't perfect, they are generally effective. When considering 'unbundling' permissions from the 'sysop' group, then, we must be very careful to correctly evaluate which ones have limited scope for abuse, and which have unlimited scope. Rollback falls very clearly into the former category: the greatest possible abuse that can be done with it is to create a bot that will revert every edit made to the wiki. Such an action is incredibly noticeable, and can be resolved by any admin blocking the account; the reversions can themselves be rolled back to repair the damage. Abuse potential, finite (and quite small). Allowing a user the ability to execute arbitrary javascript or modify the interface, the potential for abuse is limited only by the user's imagination. Abuse potential, infinite. As such, a proposal to unbundle the editinterface or editusercssjs permissions is very different to the rollback situation, and is likely to be vetoed by the Wikimedia developers.

So we are left with the only even potentially viable proposal to grant the editprotected permission: the ability to edit pages that have been fully-protected but not cascade-protected. As I have said, this is at best a "poor man's" solution as a significant number of protected templates are cascade-protected, and it would be detrimental for us to remove that extra security. And yet this still opens up a number of security holes, through pages like these that are called as raw javascript, the users thinking that full protection provided just that, full protection. Some pages are transcluded into system messages; systems like AWB are secured by fully-protected pages; editing templates that include popular external links could insert malicious code when users click on them. Although I accept that the vulnerabilities are much less than with the other permissions and could be reduced further if we had warning that they were about to be opened, they are present and they are serious.

So all unbundlings other than the editprotected permission are unacceptable from a security perspective, as the potential for abuse is unlimited. The editprotected permission has its own security issues, but is also of very limited utility in its most commonly-intended purpose, as many protected templates are also cascade protected (and the permission would not give access to other protected content such as the spam blacklist). I conclude that separating the ability to edit protected pages of any sort from the ability to protect them in the first place, or reducing the level of scrutiny required to obtain the editprotected permission, are fundamentally Bad Ideas^TM.

My apologies for the extraordinary length of this post, I won't be at all offended if people think it not worth the time to read :D Happy‑melon 22:57, 18 January 2009 (UTC)Reply

As I understand editprotected was created more for bots than humans. Ruslik (talk) 15:09, 20 January 2009 (UTC)Reply

Rollbackers who have had the permission involuntarily removed

Latest comment: 15 years ago8 comments5 people in discussion

I see a serious problem with granting "editprotected" the same way that rollback is granted. On too many occasions, rollbackers have had the permission involuntarily removed for various reasons. Per MBisanz's oppose comment, there are real nasty things an abuser can do with editprotected, in ways that are not possible with rollback.

For your consideration, I reviewed the last 1,000 entries in the user rights log, going back 5 months to August 23, 2008. I selected all instances where an administrator changed the rights of a user from "rollbackers to (none)" for a substantive reason or for no stated reason. I excluded cases where the user requested removal or where the removal was part of a test. I compiled only the timestamp and the reason in the log entry in order to spare involved users potential embarrassment: however, if necessary, you can find the log entries by searching the log for the corresponding timestamps.

Of the 50 users listed here, exactly half (25) had the tool removed because of a long-term block that is currently in effect. The other half had the tool removed for actual abuse or other reasons.

It is possible to get enough edits for the rollback tool and still be banned. Admittedly, there have been admins who have later been banned, but it is far less common. For any expansion of permissions, it's important to ask what's the worst that could happen if someone goes rogue. I think for editprotected the danger is real.

User indef-blocked

27 users, including 2 false positives.

• 04:49, 18 January 2009 (seems reasonable) [user is indef-blocked]
• 16:33, 15 January 2009 (checkuser confirmed sockpuppet of [name redacted])
• 21:50, 11 December 2008 (user indef blocked)
• 18:08, 25 October 2008 ([link to global block log]) [note that user was unblocked and given back the permission]
• 12:40, 15 October 2008 (-) [user is blocked until March 27, 2009]
• 19:58, 12 October 2008 (user blocked) [but he was unblocked one day later, and his permission was restored]
• 21:06, 9 October 2008 (sockpuppet confirmed by checkuser)
• 00:08, 22 September 2008 (account is blocked indefinitely)
• 00:07, 22 September 2008 (account is blocked indefinitely)
• 00:07, 22 September 2008 (account is blocked indefinitely)
• 00:06, 22 September 2008 (account is blocked indefinitely)
• 00:06, 22 September 2008 (account is blocked indefinitely)
• 00:05, 22 September 2008 (account is blocked indefinitely)
• 00:05, 22 September 2008 (account is blocked indefinitely)
• 00:04, 22 September 2008 (account is blocked indefinitely)
• 00:03, 22 September 2008 (account is blocked indefinitely)
• 00:03, 22 September 2008 (account is blocked indefinitely)
• 19:35, 19 September 2008 (account is blocked indefinitely)
• 19:35, 19 September 2008 (account is blocked indefinitely)
• 19:31, 19 September 2008 (account is blocked indefinitely)
• 19:30, 19 September 2008 (account is blocked indefinitely)
• 13:42, 17 September 2008 (account is blocked indefinitely)
• 13:40, 17 September 2008 (account is blocked indefinitely)
• 15:18, 16 September 2008 (blocked for sockpuppeting)
• 21:58, 13 September 2008 (indefblocked user)
• 09:59, 8 September 2008 (indef blocked for sockpuppetry, en and meta)
• 09:46, 25 August 2008 (banned)

Abuse of rollback

13 users.

• 18:43, 29 December 2008 (uses rollback for edit warring)
• 13:20, 18 December 2008 (uses rollback to bite newbies)
• 19:10, 10 December 2008 (abuse)
• 15:29, 21 November 2008 (inappropriate use of rollback. appears to be a history of edit warring as well. it's questionable whether this editor should be here at all, but it's not questionable whether he should have rollback)
• 15:30, 18 November 2008 (abuse: [diff])
• 01:20, 5 November 2008 (edit warring with rollback, see [diff])
• 15:22, 28 October 2008 (abuse)
• 19:29, 29 September 2008 (rm rollback, using rollback in an edit war)
• 07:24, 26 September 2008 (using it to revert his own vandalism)
• 03:45, 25 September 2008 (used rollback in an edit war)
• 21:45, 18 September 2008 ([link] – completely inappropriate)
• 12:16, 14 September 2008 (abuse)
• 22:41, 29 August 2008 (Abuse of rollback)

Other reason or no reason stated

10 users.

• 06:36, 15 December 2008 (user has left the project)
• 16:59, 14 November 2008 (per admin review)
• 10:19, 11 November 2008 (apparently there are a few concerns about judgement and trustworthiness)
• 09:43, 16 October 2008 [no log summary]
• 19:25, 19 September 2008 [no log summary]
• 19:23, 19 September 2008 [no log summary]
• 06:19, 9 September 2008 (minor vandalism while logged out, breaching experiments)
• 17:31, 9 September 2008 (Nope. Vandal a/c)
• 15:34, 7 September 2008 [no log summary; user was blocked 24 hours for edit warring]
• 16:53, 7 September 2008 (checkuser evidence indicates this user cannot be trusted to act in accordance with policy)

Comments

Discuss. Crystal whacker (talk) 18:04, 21 January 2009 (UTC)Reply

Useful data, but I disagree with your summary. 1) I do not see roll back details being related to flagged revisions. One is maintenance the other is writing. 2) "Admittedly, there have been admins who have later been banned, but it is far less common" There are 2,286 rollbackers - 38 have lost the tool through forces over than simple request to hand it back. There are 1620 admins. At least 37 have lost the bit through force, and a number more have failed RFA in reapplying. So actually it is 'more common to loose admin rights than rollback rights. Now the data sets are different (in terms of time) but if we think of the slow increase in admins and the rapid rate rollback is handed out (certainly when it was first introduced) my conclusion is more likely than yours.

In any instance if we assume 50 forced removals ever of rollback ever then simple maths says there have been 2336 rollbackers of which 2.14% have lost the tool. Not a high figure IMHO. Again, thanks for the data but I disagree with what you seem to be drawing from it. Pedro :  Chat  08:06, 22 January 2009 (UTC)Reply

Apologies, struck part of my comment, I thought you were comparing this against the flagged revisions idea not protected editing. Nevertheless, my analysis still stands that abuse is generally a very low percent. Pedro :  Chat  08:16, 22 January 2009 (UTC)Reply

I didn't make it clear enough. It's not that 50 people have lost rollback ever; rather, 50 people lost rollback in the last five months. Of those, half were indef-blocked. Given that rollback is about a year old, I would guess that the total number of people who have had rollback removed is about 100. I also refer to admins being banned, not just desysopped, because being banned usually indicates bad faith as opposed to honest misuse of the tools (though it can vary in either direction). From Wikipedia:List of banned users, there are nine current or former administrators who have been banned: Isis, Karmafist, Eyrian, Henrygb, Runcorn, Archtransit, Betacommand, Freestylefrappe, and Robdurbar. Only the last of these earned his ban by "going rogue" with the tools. Maybe one case in 2,000 is not anything to worry about, but in the case of rollback more people have access to the tool, and if all those people had access to the editprotected right, I have a real concern that MBisanz's nightmare scenarios could play out. I hope I'm wrong, but I think the possibility is real and we should be aware of it. Crystal whacker (talk) 17:18, 22 January 2009 (UTC)Reply

Actually, my analysis of the past five thousand rights log entries (which extends right through the rollback period) shows that 210 users have had their rollback permissions removed at some point (that is, removed without being replaced by or redundant to admin rollback). As I have no such compunction about aggregating public data, I have posted a table at Wikipedia talk:Protected editing rights/Rollbackstats. I would appreciate any help in going through the table to separate the users into the groups in the same manner as above. Happy‑melon 16:51, 23 January 2009 (UTC)Reply

I would help with this...Where would you like to build the summary table. -- Mjquin_id (talk) 22:07, 26 January 2009 (UTC)Reply

Just dig through the table that's already at the page I linked above. Happy‑melon 22:17, 26 January 2009 (UTC)Reply

Presumably, editprotected rights would be granted much less frequently than rollback, to users that are much more trusted. I would propose that editprotected be only given to users with a near-admin level of trust (or even those with an admin level of trust but don't need and/or want the other admin tools). So if that's the case, the frequency of rollbackers losing their bit isn't relevant to this. -kotra (talk) 05:42, 20 February 2009 (UTC)Reply

an alternative idea

Latest comment: 11 years ago1 comment1 person in discussion

Another idea is to use a combination of the proposed system and pending changes. That is, non-admins with the "editprotected" permission could make edits to protected pages, but such edits wouldn't go live until they're approved by an administrator. --Ixfd64 (talk) 16:32, 31 August 2012 (UTC)Reply