GitHub user tgravescs commented on the issue:

    https://github.com/apache/spark/pull/21158
  
    Also, Spark by default is shipped with not secure settings. Meaning spark.acls.enable is false and spark.authenticate is false. I see no reason to make the redact configs more strict than our defaults for those (Note I'm not arguing we shouldn't redact credentials where Spark itself is showing). If a user turns on the acls, then by default only the user who submitted the job can see the UI.
    
    Going back to https://issues.apache.org/jira/browse/SPARK-22479 it looks like the user can see the url via the console, logs and I assume in the UI. Is there somewhere else someone can see this information? I want to make sure I understand the vulnerability here.
    
    If you enable security properly on spark no user should have access to those without being given permission. If you are not running with acls and authentication on then I would argue there are a lot of attack vectors to where I could run things as another user anyway.
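The two points the comment turns on are the shipped defaults for spark.acls.enable and spark.authenticate, and a credential-bearing URL surfacing in console or log output. The following is an added defender-side example (not Spark's code and not from the PR): it audits a spark-defaults.conf-style text for those two settings and masks URL credentials in a log line before it is written. The conf and log lines are constructed for the example; the redaction patterns are my own, not Spark's spark.redaction.regex behaviour.

```python
import re
from urllib.parse import urlsplit, urlunsplit

# The two settings named in the comment; Spark ships both as false.
SECURE_EXPECTED = {"spark.acls.enable": "true", "spark.authenticate": "true"}

# Constructed sample inputs (not real deployment data).
SAMPLE_CONF = "# cluster defaults\nspark.acls.enable true\nspark.ui.port 4040\n"
SAMPLE_LOG_LINES = [
    "INFO DataSource: url=jdbc:postgresql://alice:s3cret@db.example.internal:5432/sales",
    "INFO DataSource: url=jdbc:mysql://db.example.internal/sales?user=alice&password=s3cret",
]

def parse_spark_defaults(text):
    """Parse 'key<whitespace>value' lines (spark-defaults.conf layout) into a dict."""
    conf = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        if len(parts) == 2:
            conf[parts[0]] = parts[1].strip()
    return conf

def insecure_settings(conf):
    """Keys still at the insecure shipped default (unset counts as 'false')."""
    return [k for k, want in SECURE_EXPECTED.items()
            if conf.get(k, "false").lower() != want]

_URL_RE = re.compile(r"[a-zA-Z][a-zA-Z0-9+.-]*://[^\s'\"]+")
_SECRET_PARAM_RE = re.compile(r"(?i)(password|secret|token)=[^&]*")

def redact_url_credentials(line):
    """Mask user:password@ userinfo and password-like query params in any URL."""
    def _mask(m):
        parts = urlsplit(m.group(0))
        netloc = parts.netloc
        if "@" in netloc:                      # drop userinfo, keep host:port
            netloc = "*****:*****@" + netloc.rsplit("@", 1)[1]
        query = _SECRET_PARAM_RE.sub(r"\1=*****", parts.query)
        return urlunsplit(parts._replace(netloc=netloc, query=query))
    return _URL_RE.sub(_mask, line)

def audit(conf_text, log_lines):
    """Report insecure settings and return the redacted log lines."""
    return {"insecure": insecure_settings(parse_spark_defaults(conf_text)),
            "redacted": [redact_url_credentials(l) for l in log_lines]}

if __name__ == "__main__":
    print(audit(SAMPLE_CONF, SAMPLE_LOG_LINES))
```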