[
https://issues.apache.org/jira/browse/SPARK-23567?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16383723#comment-16383723
]
Thomas Graves commented on SPARK-23567:
---------------------------------------
I also question whether the url should be redacted by default, but I would want
to look more at SPARK-22479 to understand what url was hidden since the Jira
doesn't have an example.
> spark.redaction.regex should not include user by default, docs not updated
> --------------------------------------------------------------------------
>
> Key: SPARK-23567
> URL: https://issues.apache.org/jira/browse/SPARK-23567
> Project: Spark
> Issue Type: Bug
> Components: Spark Core
> Affects Versions: 2.2.1
> Reporter: Thomas Graves
> Priority: Major
>
> SPARK-22479 changed to redact the user name by default. I would argue
> username isn't something that should be redacted by default and its very
> useful for debugging and other things. If people are running super secure and
> want to turn it on they can but I don't see the user name as a default
> security setting. There are also other ways on the UI to see the user name,
> for instance on yarn you can go to the Environment page and looking at the
> resources and see the username in the paths.
> Also the Jira did not update the default setting in the docs, so the docs are
> out of date:
> http://spark.apache.org/docs/2.2.1/configuration.html
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscr...@spark.apache.org
For additional commands, e-mail: issues-h...@spark.apache.org
