GitHub user vanzin opened a pull request:
https://github.com/apache/spark/pull/8218
[SPARK-10004] [shuffle] Perform auth checks when clients read shuffle data.
To correctly isolate applications, when requests to read shuffle data
arrive at the shuffle service, proper authorization checks need to
be performed. This change makes sure that only the application that
created the shuffle data can read from it.
Such checks are only enabled when "spark.authenticate" is enabled,
otherwise there's no secure way to make sure that the client is really
who it says it is.
You can merge this pull request into a Git repository by running:
$ git pull https://github.com/vanzin/spark SPARK-10004
Alternatively you can review and apply these changes as the patch at:
https://github.com/apache/spark/pull/8218.patch
To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:
This closes #8218
----
commit 17eb1872140f28c95d9027480ba18d30af98a15d
Author: Marcelo Vanzin <[email protected]>
Date: 2015-08-14T22:11:14Z
[SPARK-10004] [shuffle] Perform auth checks when clients read shuffle data.
To correctly isolate applications, when requests to read shuffle data
arrive at the shuffle service, proper authorization checks need to
be performed. This change makes sure that only the application that
created the shuffle data can read from it.
Such checks are only enabled when "spark.authenticate" is enabled,
otherwise there's no secure way to make sure that the client is really
who it says it is.
----
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at [email protected] or file a JIRA ticket
with INFRA.
---
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
