Requests for Comment/Meta Interface Admin Group

Note: This RFC only affects Meta and does not apply globally.

Introduction
This RFC is intended to establish consensus regarding the use of the Interface Administrator user group on Meta. As some background, this group was added to MediaWiki core in (I believe) version 1.32 as an added layer of security against compromised administrator accounts. Previously, users with sysop access could edit all pages in the MediaWiki: namespace and edit all CSS/JS pages, both sitewide pages and personal user scripts. However, this posed a security risk because if an admin account was compromised or went rouge, severe damage can be done that would affect all users of the site by inserting malicious content into CSS or JS pages - perhaps more damage than would be done by perhaps deleting the main page or something like that. As a result, the  userright, which allows modification of pages in the MediaWiki: namespace, among other similar permissions, were revoked from the sysop group and given to their own independent group that is assignable by bureaucrats. However, on Meta these changes were overridden locally so that sysops still have the rights they originally had, and the interface admin group has since been unused.

However, there may be certain cases where access to the MediaWiki namespace and other interface pages is needed or desired while full administrator rights are not needed. The circumstance that prompted the creation of this RFC is a personal desire to do some work to improve Twinkle, which has its code hosted in the MediaWiki namespace, without applying for full administrator access. The purpose of this RFC is to establish consensus for use of the Interface Administrator group, which has the necessary permissions unbundled from the sysop group.

Proposal regarding group management
Currently, only Meta bureaucrats can add or remove the interface administrator user group, which limits the management of the group to only 2 users (John and Southparkfan as of writing). It is proposed that Meta administrators and Stewards also be allowed to manage the interface admin group, so that there is a number of people able to manage the group that any requests will be attended to in a reasonable amount of time.

Support

 * 1)  As proposer. Amanda Catherine (talk) 21:21, 22 May 2020 (UTC)

Proposal 1
A user may be added to the interface administrator user group at the discretion of a bureaucrat, administrator, or steward if the requesting user meets all of the following criteria:


 * A clear and specific purpose for requesting the right has been demonstrated (i.e. the user has made clear what exactly they plan to use the permissions for and are not "hat collecting")
 * The user already holds wiki creator, rollback, CVT, or other userrights that demonstrate that they are trustworthy
 * The user has no recent history of blocks or other sanctions on Meta
 * The user confirms that they have a strong password

Proposal 2
Interface administrator rights may only be granted after a successful request at Requests for permissions, where successful is defined as:


 * The request has been open for at least 5 days
 * At least 5 users have independently supported the user requesting permissions (independently meaning without canvassing or meatpuppetry)

In addition, however, a request for interface administrator at RFP will not be considered valid unless the user has also met all of the criteria in proposal 1.

Proposal 1
Interface administrator permissions may be immediately revoked by a bureaucrat, administrator, or steward without a prior discussion if either of the following occur:


 * The user account has shown indication of being compromised
 * The user has engaged in vandalism in restricted namespaces or on restricted pages

Proposal 2
Interface administrator permissions may be procedurally removed if the user holding the rights has been inactive on Meta for 30 consecutive days. If the user is active globally on other wikis, an attempt to contact the user and notify them of the pending removal of rights for inactivity should be made.

Proposal 3
Any member of the Miraheze community in good standing may initiate a request for removal of interface administrator rights ("vote of no confidence") if they believe that the rights have been abused, but there is not an urgent or emergency situation necessitating their immediate removal. A user starting such a request must demonstrate clearly why they believe the rights have been abused, and preferably should support their claims by providing diffs or discussion logs. A request for removal will be successful (i.e. will result in the removal of permissions) if:


 * The request clearly demonstrates abuse of the rights
 * The request has been open for at least 5 days
 * At least 5 users independently support the removal of the rights
 * There is no evidence that the request was created in bad faith as "retaliation" for actions with which one disagreed or other reasons