soumasish commented on PR #48941: URL: https://github.com/apache/spark/pull/48941#issuecomment-2518053563
@tgravescs There's no escalation of privilege. Quoting @srowen original comment on the ticket. `We had already discussed this on the mailing list. This is not considered a vulnerability, as it doesn't let you do anything you can't do in a Spark application. The problem is specific to your deployment, and you can sanitize this in your specific application. However if there is a reliable and simple sanitation for this that doesn't prohibit valid flags, it's probably fine to add. This isn't something that users need to be able to do of course.` -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
