Github user kanzhang commented on the pull request:
https://github.com/apache/spark/pull/6676#issuecomment-110842872
> And as I said multiple times, that change does not depend on whether you
use stdin or env variables to pass the security secret to executors.
I guess what you meant is to support per-app secrets properly one must run
apps in users' own accounts. I certainly agree. What I'm exploring presently is
whether there is any low-hanging fruit to be had (or worth to be had) before we
get there. I don't have a definitive answer to it. That's why I seek opinions.
I know you don't think so. Let's see what others think. I thought about env
variable early on but rejected it for my present purpose since it is only
private to the user, not private to the process, as you pointed out in your
first comment. If, however, we conclude anything less than running apps in
users' own accounts is not worth trying, env variable is of course an option.
Hope this clarifies.
Independently, I want to understand the drawbacks of using stdin as a
private communication channel between Worker and Executor in the spark
environment. Pointers welcome.
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at [email protected] or file a JIRA ticket
with INFRA.
---
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
