daknob / TorPaste

A Pastebin for Tor
MIT License

Add option to mark paste as unlisted #22

Closed daknob closed 8 years ago

daknob commented 8 years ago

Let's add an option with every new paste with the ability to mark it as private, effectively removing it from the list of all pastes.

A feature like this will conflict with the paste deduplication method we currently use, since a new paste can override the previous paste's status. However, one could argue that if someone discovers the paste ID and then posts it again, there's no point in marking the previous paste as private again.

The ability for users to mark pastes as private can be configurable via the configuration file.

j11e commented 8 years ago

So a private paste would not appear in the list of pastes, but if one guessed the id and entered the correct URL, they would be able to see the paste? That is what Pastebin calls "unlisted" pastes. How about implementing both unlisted and private pastes?

A simple solution for the filesystem backend is to simply use a new metadata, let's call it "visibility", which contains public/unlisted/private, and an additional metadata, "password", which only exists for private pastes.

Private pastes could not be submitted with an empty password, and the password would be ignored for non-private pastes. The value we save for passwords would be the sha256 hash of the submitted password.

The listing page would only show public pastes, which is a simple map to do on the PasteList variable in the list() method.

daknob commented 8 years ago

First of all, let me say that I had Unlisted Pastes in mind and not Private. Thanks for making this distinction.

However, in any case, we have a tiny problem we need to solve if we are to add this functionality. The current Paste ID is calculated as sha256( P ) where P is the content of the paste. That means that if User A posts a paste with the content Hello World and then marks it as Unlisted, User B can post a paste with the same content, Hello World, and mark it as public.

Of course, one could argue that if a user already knows the paste contents, it is essentially public.

The current method of generating Paste IDs is used for easy deduplication: a paste with the same content will always overwrite the previous one.

So I would recommend we first implement Unlisted pastes, and allow users to overwrite the status of a previous paste. That means that if they're able to do it, they already know the contents.

For the Private Pastes, I will open a new GitHub Issue and we can discuss it there.
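
An added example, not part of the original thread and not TorPaste's own code: a minimal in-memory model of the behaviour discussed above, with paste IDs derived from sha256 of the content, a `visibility` field, and a listing that shows public pastes only. The `PasteStore` class, its method names and the sample pastes are hypothetical and constructed for illustration.

```python
import hashlib

VISIBILITIES = ("public", "unlisted")  # "private" is deferred to a separate issue


class PasteStore:
    """Hypothetical in-memory stand-in for a backend keyed by sha256(content)."""

    def __init__(self):
        self._pastes = {}  # paste_id -> {"content": str, "visibility": str}

    @staticmethod
    def paste_id(content: str) -> str:
        # Paste ID as described in the thread: sha256( P ), P = paste content.
        return hashlib.sha256(content.encode("utf-8")).hexdigest()

    def new_paste(self, content: str, visibility: str = "public") -> str:
        if visibility not in VISIBILITIES:
            raise ValueError(f"unknown visibility: {visibility!r}")
        pid = self.paste_id(content)
        # Deduplication: same content gives the same ID, so this overwrites any
        # earlier record, including the visibility its first poster chose.
        self._pastes[pid] = {"content": content, "visibility": visibility}
        return pid

    def get(self, pid: str) -> str:
        # Unlisted pastes stay readable by anyone who has the ID.
        return self._pastes[pid]["content"]

    def list_public(self) -> list:
        # The listing page shows public pastes only.
        return sorted(p for p, m in self._pastes.items()
                      if m["visibility"] == "public")


def demo() -> dict:
    store = PasteStore()
    a = store.new_paste("Hello World", "unlisted")  # User A (constructed sample)
    listed_before = a in store.list_public()
    b = store.new_paste("Hello World", "public")    # User B, same content
    return {"same_id": a == b, "listed_before": listed_before,
            "listed_after": a in store.list_public(), "readable": store.get(a)}


if __name__ == "__main__":
    print(demo())
```

Only someone who can reproduce the exact content can compute the ID and change the status, which is the trade-off accepted in the comment above.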

j11e commented 8 years ago

Agreed.

j11e commented 8 years ago

FYI: this feature is now working on my local version and I will send the PR soon. I'm not gone! :)