Github user skonto commented on the issue:
https://github.com/apache/spark/pull/20945
@susanxhuynh the doAs call from hadoop libs on the proxy user in
SparkSubmit is using java.security.AccessController.doPrivileged at the java
security level, what if I use a security manager policy to restrict file access
to the TGT file:
http://www.informit.com/articles/article.aspx?p=1187967&seqNum=3.
Then this way untrusted code could access certain files.
---
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
