soumasish commented on PR #48941: URL: https://github.com/apache/spark/pull/48941#issuecomment-2513265608
@cryptoad Completely disallowing JVM flags might be difficult in deployments, as users may need to specify legitimate JVM options for tuning and debugging purposes. While it's true that sanitizing these characters doesn't prevent all possible code execution avenues provided by the JVM options, it does reduce the attack surface by eliminating straightforward command injection vectors that could be exploited in environments where these options are dynamically constructed or influenced by user input.
