Github user vanzin commented on the pull request:
https://github.com/apache/spark/pull/6676#issuecomment-110535287
> I'm wiling to be convinced multi-tenancy improvements without running
user apps
What do you need to be convinced of that? Apps can read all the data other
apps generate (in HDFS or other storage), apps can kill other app processes,
apps have access to *anything* other apps running as the same user have access
too.
Ignoring that if you really want you can find the secret by looking at the
memory of another process, all that the secret prevents is someone connecting
back to the driver and pretending to be an executor. Given all of the above, is
that really giving *any* extra security to the app?
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at [email protected] or file a JIRA ticket
with INFRA.
---
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
