Source: pnopaste Version: 1.7.4 Severity: wishlist Having "pastes" with monotonically increasing numbers allows an "attacker" to discover all pastes by simply counting through them from 0 on.
Assigning UUIDs to pastes would make that computationally impossible. Something like http://nopaste.linux-dev.org/?jA7vBQ8927 or such. *t -- System Information: Debian Release: 10.6 APT prefers stable APT policy: (500, 'stable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.19.0-12-amd64 (SMP w/8 CPU cores) Locale: LANG=de_CH.utf8, LC_CTYPE=de_CH.utf8 (charmap=UTF-8), LANGUAGE=de_CH:de (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled
