@SSP It should be possible by playing with custom boundary permissions (read: can view something given its URI, see: can discover it in a list/feed) though we probably need to write some unit tests to verify that there are no leaks (that read-only posts don't appear in any feeds, threads, etc if you don't also have see permission) and it'd be useful to also have a simplified UX for creating a post with these permissions.