Github user kanzhang commented on the pull request:
https://github.com/apache/spark/pull/6676#issuecomment-110516991
> I don't see where you explained that at all.
I meant env variables can be seen by other apps since all apps are running
as the Spark daemon user. They can't be treated as secrets. Pipes, on the other
hand, provide a secure communication channel between parent and child processes
and can be used to pass per-child secrets.
> The same code that can write the secret to the child process's stdin (in
you patch) can set an env variable when launching that process.
That's exactly why I don't think setting env variables will make the patch
much simpler. One would substitute the 2 utility methods for writing/reading
stdin with equivalent ones of setting/reading env variables, but the rest of
the changes are still needed.
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at [email protected] or file a JIRA ticket
with INFRA.
---
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
