Github user andrewor14 commented on the pull request:
https://github.com/apache/spark/pull/7443#issuecomment-124176509
> It's actually allowing users outside the cluster to be able to submit the
job. Not from the slave.
Yes, that's exactly what @JoshRosen and I are saying is a security concern.
A random person can now eat up all of our resources by running an application
that runs an infinite loop on all the executors.
@serialx As for port 4040 on the slave, are you referring to the SparkUI?
If so, can you be more specific? Which link from the SparkUI is not accessible
if we do not open 4040?
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at [email protected] or file a JIRA ticket
with INFRA.
---
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
