1 |
On 16 June 2013 16:01, "Paweł Hajdan, Jr." <phajdan.jr@g.o> wrote: |
2 |
|
3 |
> On 6/9/13 7:22 AM, Alex Legler wrote: |
4 |
> > I'd appreciate some input on below plan to move project pages to the |
5 |
> Wiki: |
6 |
> |
7 |
> Alex, thanks for working on this! Some feedback: |
8 |
> |
9 |
> 1. How will the project pages be protected against "unwanted" edits? I |
10 |
> think it's valuable to have some official pages where you know only |
11 |
> Gentoo devs can edit them. |
12 |
> |
13 |
> 2. How will the staffing needs page be updated after dropping gorg? |
14 |
> |
15 |
> 3. How secure is the wiki? Do we have regular backups and security |
16 |
> updates procedures in place? I know you're member of the security team |
17 |
> and infra team is doing its job well, but I just wanted to check. |
18 |
> Dynamic web applications arguably have bigger attack surface than |
19 |
> effectively a bunch of static files only editable after you gain server |
20 |
> access. |
21 |
> |
22 |
> Paweł |
23 |
> |
24 |
> |
25 |
> |
26 |
IMHO, the criteria for being able to edit the wiki should be lower than the |
27 |
present requirements on "being a Gentoo Dev". |
28 |
|
29 |
There should still be some degree of vetting, but the risk a person poses |
30 |
being able to make doc updates is significantly less than the risk a person |
31 |
poses by throwing them a CVS bit. |
32 |
|
33 |
I'd be interested in seeing if theres' a way to have "vetted" edits of some |
34 |
kind, ala a patchqueue/pull-merge feature but for wikis, allowing a user to |
35 |
edit a page as they see fit, but the changes are only visible to them until |
36 |
they mark their edits "done" where it can be pushed to a moderation queue |
37 |
for somebody trusted to check over. |
38 |
|
39 |
Because otherwise, I feel you're missing out on the benefits of wiki. |
40 |
|
41 |
A game I play, tribalwars.com, has a wiki, but the purpose of having a wiki |
42 |
is incredibly redundant, because most the documentation there is grossly |
43 |
out of date, and the tribalwars staff (the only people who can edit it) |
44 |
don't edit anything themselves much, and as a result, there are huge chunks |
45 |
of the wiki that are blatantly wrong, and I would edit them if I could, and |
46 |
there is no good reason to suggest my edits would be likely "malevolent" in |
47 |
fixing this, but alas, due to fear of abuse to security, the wiki hugely |
48 |
misses its intended audience and is practically useless, and the rigmarole |
49 |
that is required for any casual user correcting finding a minor flaw is so |
50 |
great, it simply never occurs. |