soumasish commented on PR #48941: URL: https://github.com/apache/spark/pull/48941#issuecomment-2498316536
> > This allows an attacker to execute arbitrary shell commands on the cluster nodes where the executors run, leading to potential security breaches like unauthorized file creation in this case. > > If this would have been a security issue, it should have been reported to us privately as documented at https://spark.apache.org/security.html . > > Luckily, there is no problem in this case: as mentioned in [SPARK-50240](https://issues.apache.org/jira/browse/SPARK-50240), there is no privilege escalation here: putting 'dangerous' input in the 'extraJavaOptions' parameter does not give an attacker any privileges that they don't already have access to through the job they are submitting. > > Still, if possible, correctly escaping this parameter would be a reasonable improvement, so thank you for opening this PR! > > This allows an attacker to execute arbitrary shell commands on the cluster nodes where the executors run, leading to potential security breaches like unauthorized file creation in this case. > > If this would have been a security issue, it should have been reported to us privately as documented at https://spark.apache.org/security.html . > > Luckily, there is no problem in this case: as mentioned in [SPARK-50240](https://issues.apache.org/jira/browse/SPARK-50240), there is no privilege escalation here: putting 'dangerous' input in the 'extraJavaOptions' parameter does not give an attacker any privileges that they don't already have access to through the job they are submitting. > > Still, if possible, correctly escaping this parameter would be a reasonable improvement, so thank you for opening this PR! Thanks @raboof for pointing that out. Duly noted and updated the PR description accor -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
