Github user vanzin commented on the pull request:
https://github.com/apache/spark/pull/4106#issuecomment-76038575
> Come to think of it, with my current approach, since the keytab is
> specified in the driver's SparkConf, theoretically different Spark applications
> can specify different keytabs and principals for the login.

But that's the first security issue I mentioned. In Standalone mode, all
executors will be running as the same local user (the user running the Worker
process), so executors would need read access to all those keytabs. So every
user can potentially see every other user's keytab.

> Part of the reason why this is confusing to me is that when I looked at
> secure HDFS configurations, there is only one keytab file that can be specified
> for the namenode

The keytab for the NN and the keytab for users running applications are
completely unrelated. The NN needs a keytab so that it can authenticate itself
to DNs and vice-versa, so that they know who they're talking to. But users
talking to HDFS identify themselves as, well, themselves, and use their own
credentials.
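The keytab exposure described in the comment above can be checked on a Worker host with a permission audit. This is an added example, not code from the pull request or from Spark; the UIDs, GIDs and keytab paths are constructed, and `readable_by` and `audit` are hypothetical helper names.

```python
import stat
from dataclasses import dataclass

@dataclass(frozen=True)
class Keytab:
    path: str       # constructed sample path
    owner_uid: int
    group_gid: int
    mode: int       # permission bits, e.g. 0o600

def readable_by(kt, uid, gids):
    """POSIX read check: owner bits win, then group bits, then other bits."""
    if uid == 0:
        return True  # simplification: root bypasses mode bits
    if uid == kt.owner_uid:
        return bool(kt.mode & stat.S_IRUSR)
    if kt.group_gid in gids:
        return bool(kt.mode & stat.S_IRGRP)
    return bool(kt.mode & stat.S_IROTH)

def audit(keytabs, worker_uid, worker_gids):
    """Classify keytabs for a Standalone Worker whose executors all run as worker_uid."""
    report = {}
    for kt in keytabs:
        if readable_by(kt, worker_uid, worker_gids):
            # Every application's executor runs as worker_uid, so any
            # application on this Worker can read this keytab.
            report[kt.path] = "exposed-to-all-apps"
        else:
            # Executors cannot log in with it; the per-application keytab is unusable.
            report[kt.path] = "unusable-by-executors"
    return report

# Constructed sample: three users' keytabs and the Worker's local account.
WORKER_UID, WORKER_GIDS = 1500, {1500}
SAMPLE = [
    Keytab("/etc/security/keytabs/alice.keytab", 1001, 1001, 0o600),
    Keytab("/etc/security/keytabs/bob.keytab", 1002, 1500, 0o640),
    Keytab("/etc/security/keytabs/carol.keytab", 1003, 1003, 0o644),
]

if __name__ == "__main__":
    for path, status in audit(SAMPLE, WORKER_UID, WORKER_GIDS).items():
        print(f"{status:24} {path}")
```

No keytab lands in a third category: under a shared executor account, a per-user keytab is either unreadable by executors or readable by every application on the Worker.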