People who have the administrative password can do some extra-powerful stuff like automatically renaming pages. For example, one could rename a page from JohnQDude to John Q Dude, and not only would the page be renamed, but all the links.
Additionally, administrators can actually delete pages. We probably don't want to do much of this, because in general, a redirect is better than a deletion! In that way, old links from search engines, etc., still work.
I, Jimbo Wales, propose that I should give out the administrator password fairly freely. People who have been around for a week or two, contributing to the pages in a useful way, should have access to this. Indeed, the only reason not to give it out willy-nilly is that someone really could mess things up. (For example, by renaming every page to 'Bob'.)
I think, as long as someone has shown good will (and that means pretty much everybody who is a regular visitor) should have it.
Are there any thoughts/objections to this?
(Also, I think that the admin password would give us a quick way to let regulars in to edit, while blocking others, if we come under attack from spammers or vandals at some point.)
There are actually two separate levels of special access: the "editor" level and the "admin" level. Admins are given complete power/control over the wiki. They can do things like:
- Renaming or deleting pages
- Locking individual pages from further editing
- Locking the entire wiki against public editing with a single command
- Banning IP addresses or networks from editing
- Running the CPU/disk-intensive maintenance function at any time (other users are limited to once per 12 hours)
- All editor-level functions
The "editor" level currently has very few extra powers, which include:
- Editing pages even when the entire wiki is locked to outside users
- (As a site option, default off) Renaming or deleting pages
Note that each level can have multiple passwords, which can be individually revoked. This means that you could have a relatively public editor password and other less-public passwords (for major contributors, for instance). If the public password is abused, it could be revoked without affecting the less-public passwords. (For Wikipedia I might suggest/code other systems for managing access, like allowing admins to simply grant/revoke editor-level access without using a password.)
Perhaps CliffordAdams knows of some reason why this is a bad idea.
The main problem I (CliffordAdams) see is that one could cause severe disruption with some of the admin-level commands. Features like locking pages or banning networks might be controversial.
I think it would be better to give relatively free editor-level access, and possibly move some functions from the admin to the editor level. My suggestions are:
- Give editor-level access to anyone who has written at least 3 "good" contributions (or one excellent page). Most contributors will get this access quickly.
- Give admin-level access to people who have been around for at least a month, have written at least 10 "good" pages, and who want to help with "admin" tasks.
Personally, I think "admin" level access should be viewed as a community service rather than a reward. Indeed, if there are enough volunteers, I think there should only be a few permanent admins and a larger number of limited-time admins, rotating every few months.
For renaming and deletion, I'm considering a new feature to let anyone suggest changes or deletions, which could be quickly confirmed by any admin user. In the meantime, I think it would be best to restrict these features to admins only. A public page for rename/deletion suggestions could be established, and admins could frequently cut/paste suggestions from that page into the rename/deletion form. --CliffordAdams
Under the current system, the admin features take a very long time to run, locking the entire site from new edits. For this reason alone, extending admin priviliges could be disastrous. I don't think even the current administrators should use the editlinks features until this system is improved. - Tim
- I agree that one could easily abuse the admin capabilities to deny service to other users. In my development copy of the wiki code I've greatly improved the efficiency of the editlinks feature. It now builds a link index only once at the beginning of the command, and other users can edit while the index is built. The rename commands use that index so that they only search/replace on pages which mention the link (rather than all pages). I'm hoping to release this code by the end of March 2001. --CliffordAdams
I (Larry Sanger) would support some such scheme (as long as the practical problems Tim mentions can be overcome). But I agree with Cliff when he says "one could cause severe disruption with some of the admin-level commands. Features like locking pages or banning networks might be controversial." As a basic security measure, I don't think we should pass out the same password to everyone, but give each person an individual password that can be revoked in case there's a problem.
I think there's a bit of a practical concern in that, possibly, some people might be made admins who fail to understand or agree with whatever community standards there are--and proceeds to rename pages and otherwise wreak havoc, not out of maliciousness but cluelessness, hubris, egotism, and the like. If you've been online for long enough, and I know you all have, you know that this sort of problem is practically inevitable. I don't know that we need to do anything about this potential problem other than what Cliff already proposed, i.e., assign admin responsibilities only to people who have been with us for a month and have created a lot of good articles. Maybe I'd add the simple caveat that we should state that one shouldn't expect to get admin privileges after a certain amount of work--in other words, it's not automatic. Something along those lines, anyway. --Larry Sanger
Stephen Gilbert's opinion: I think that Wikipedia should be very cautious about giving out such major powers freely. Take a look at this Slashdot story on Everything2's one millionth node, paying particular attention to comments from current and former Everything2 users: http://slashdot.org/articles/01/03/29/2035230_F.shtml
As Wikipedia grows, we will have more people with wildly different ideas of how things should be done. Even now, with our very small number of regulars, we've had some pretty intense conflicts. Right now, everyone has a similar and useful set of powers; we are all able to create, edit and redirect pages, as well as the all-important ability to restore previous versions. The power to completely delete pages (along with the revision history) is very dangerous, and is something like giving everyone nuclear weapons. Once one is launched, everyone launches their own, and any damage is largely irreversable.
I don't really see why it should be possible to delete the revision history of anything. If some version of a page contains gross slander or something like that it might be an idea, but it could be done in better ways. Either the revision history could be hidden before a certain point, or there could be a command to erase just one specific delta of the revision history. I think most revision control systems have options to remove deltas that are no longer needed, leaving older and newer ones. --Pinkunicorn
I agree that administrative powers, (in particular the power to delete pages) should be given very, very carefully (and even then, probably frequent backups would be desirable). In the mean time I would like to divert some attention to delete or not pages, I'm not sure it has been discused somewhere else, so I suggest we put it in To delete or not to delete.