Hi, We are using the Apache Tika Parser and would like to move all the Runtime Execs out of the code for security purposes. We want to refactor and move them to tika-external package. This is mainly to not have anyone forking a process on the servers we run. It is both a security risk and performance penalty if people start sending email with attachments that require parsing things that do an execs. I see that there are configs that control some of it, however it is still not comprehensive. I would like to start a discussion in this direction. If you would like to see the proposed code changes please let us know. Regards, Ash
