Github user andrewor14 commented on the pull request:
https://github.com/apache/spark/pull/7443#issuecomment-122617136
> @JoshRosen @andrewor14 The ports added are from options flags
'--authorized-address' which should be set to a secure ip origin. So, it's not
opening to the world. I think '--authorized-address' flag's default value
should not be '0.0.0.0/0' but that is another issue to have.
I see, but what is the use case in allowing the slave nodes in the cluster
to be able to submit to the master? It's not a security vulnerability in this
case, but I don't see a great motivation for changing the default behavior to
allow this.
> I'm not sure job submission from outside the cluster has ever been
supported.
No, I don't think so. If the user wishes to use cluster mode s/he can
configure the security groups himself / herself on the EC2 console, but I think
by default we should keep these ports closed to the rest of the world.
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at [email protected] or file a JIRA ticket
with INFRA.
---
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
