Github user skonto commented on the issue:
https://github.com/apache/spark/pull/19272
When executor is started it asks from CoarseSchedulerBackend the spark
config which contains the hadoop credentials
https://github.com/apache/spark/blob/7c92351f43ac4b1710e3c80c78f7978dad491ed2/core/src/main/scala/org/apache/spark/scheduler/cluster/CoarseGrainedSchedulerBackend.scala#L235.
As we have discussed this is not safe. Using rpc an arbitrary executor
could register to the scheduler and get tokens. Does this code handle this, do
we authenticate executors? How about encryption at least at the rpc level? The
latter is not supported on mesos (spark.io.encryption.enabled).
---
---------------------------------------------------------------------
To unsubscribe, e-mail: reviews-unsubscr...@spark.apache.org
For additional commands, e-mail: reviews-h...@spark.apache.org
