Hello, I want to discuss Shell interpreter issue with you.
For your information, we had a security report using Shell interpreter to execute malicious code with a system account. As you know, it's a kind of characteristic of Apache Zeppelin but some contributors including me thought it was too risky even if it's a feature. Moreover, I thought that we had some workarounds to do similar executions. However, after releasing it, there were many questions via several channels about the deprecation of Shell interpreter. I would like to follow the community's decision. For one more piece of information, we already have a security page to warn the code execution feature so we can keep the Shell interpreter without any further treatment. Could you please give me your opinion on this? If we conclude keeping it, I'll release a new release of 0.11.2 including Shell interpreter again. Best regards, Jongyoul Lee
