Github user harishreedharan commented on the pull request:
https://github.com/apache/spark/pull/4688#issuecomment-76295426
Correct, the risk aspect is right. If the keytab is compromised, there is a
problem. The only way to work around this is to ensure that all communication
is secure - via SSL or other mechanisms. Since we are writing to the staging
dir, permissions does protect it. (I am not actually localizing it in the YARN
sense, I am just using the HDFS API to copy it over to the local Spark working
directory though, that is again secure via permissions).
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at [email protected] or file a JIRA ticket
with INFRA.
---
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
