[GitHub] spark pull request: [SPARK-8129] [CORE] [SECURITY] Securely pass a...

Fri, 05 Jun 2015 15:05:31 -0700 

GitHub user kanzhang opened a pull request:

    https://github.com/apache/spark/pull/6676

    [SPARK-8129] [CORE] [SECURITY] Securely pass auth secret to executors via 
pipes

    Currently, in standalone cluster mode, auth secrets are passed to executors 
as java options on the command line. This is insecure since anyone running a 
'ps' command can see it. This patch uses subprocesses' stdin's to pass auth 
secrets in standalone mode.

You can merge this pull request into a Git repository by running:

    $ git pull https://github.com/kanzhang/spark pipe

Alternatively you can review and apply these changes as the patch at:

    https://github.com/apache/spark/pull/6676.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

    This closes #6676
    
----
commit 58a9f2618f3563827200697c956d72269d3364fd
Author: Kan Zhang <[email protected]>
Date:   2015-06-04T17:16:07Z

    Send app secret to executors via pipes

commit 5d333d954357a94961275ea873e4319e86ab47ff
Author: Kan Zhang <[email protected]>
Date:   2015-06-04T19:04:02Z

    minor refactoring

commit 7404ab35ec6c599ddb59ac72c816d8da83f92e6b
Author: Kan Zhang <[email protected]>
Date:   2015-06-04T22:59:17Z

    adding StandaloneRestServer test

commit 9f047c44a8ff63483a85ec82cb0b598294c3e5cc
Author: Kan Zhang <[email protected]>
Date:   2015-06-05T00:06:00Z

    use PrivateMethodTester

commit 3f78b261af266e150abad9922418eb7b16d4eee8
Author: Kan Zhang <[email protected]>
Date:   2015-06-05T01:31:09Z

    test refactoring

commit e535d3dfd927f479d4a495913c7288d0e3c2ef52
Author: Kan Zhang <[email protected]>
Date:   2015-06-05T17:56:34Z

    Add SparkDeploySchedulerBackend test

commit d05244ef03be899ec78e4ecb87a4f7ce6f67b025
Author: Kan Zhang <[email protected]>
Date:   2015-06-05T20:52:49Z

    added ClientSuite test

----


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at [email protected] or file a JIRA ticket
with INFRA.
---

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to