[Netatalk-admins] Request for Comment: Deprecate afprun functionality

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

Dear Netatalk users,

To continue with our mission to make Netatalk safer and more maintainable, I would like to propose removing "afprun" functionality from the next point release of Netatalk (3.2.0).

Ticket for tracking: https://github.com/Netatalk/netatalk/issues/550

What this means, is that the following options will be removed:

- preexec
- root preexec

- postexec
- root postexec
- preexec close
- root preexec close
- stat vol

This code constitutes a major opportunity to run arbitrary shell commands (with root privileges) on the host, with all sorts of security implication.

Do you have deployments of Netatalk that rely on the above?
If so, we would love to know more about your use case!

Thank you!

Daniel