tor: Warn hidden service users about anonymity

- When Tor hidden service is enable along with regular web server, it is
  possible to de-anonymize the server.

- When Tor hidden service is enabled along with Tor relay, the hidden
  service can be de-anonymized by sending large traffic observing
  traffic patterns published by Tor relay.  See:
  https://trac.torproject.org/projects/tor/ticket/8742

Warn users not to rely on Tor hidden service functionality for strong
anonymity.  We can remove this warning when implement a mechanism to
disable most other services when Tor hidden service is enabled.

plinth/modules/tor/forms.py

@@ -44,7 +44,8 @@ class TorForm(forms.Form):  # pylint: disable=W0232
         help_text=format_lazy(_(
             'A hidden service will allow {box_name} to provide selected '
             'services (such as ownCloud or chat) without revealing its '
-            'location.'), box_name=_(cfg.box_name)))
+            'location. Do not use this for strong anonymity yet.'),
+                              box_name=_(cfg.box_name)))
     apt_transport_tor_enabled = forms.BooleanField(
         label=_('Download software packages over Tor'),
         required=False,