Github user vanzin commented on the pull request:
https://github.com/apache/spark/pull/6676#issuecomment-110544212
> As long as you give each app a different HDFS delegation token
And how do you plan to use delegation tokens in standalone mode without
kerberos?
> As long as we can find a secure way to distribute a per-app secret
There's no secure way unless you actually have proper user isolation, which
does not exist in standalone mode. Your proposed change protects users that are
not running Spark apps from being able to do bad things, so it's an
improvement. But you cannot fix standalone mode security just by hiding this
secret from the command line.
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at [email protected] or file a JIRA ticket
with INFRA.
---
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
