Github user srowen commented on a diff in the pull request:
https://github.com/apache/spark/pull/22852#discussion_r228536180
--- Diff: docs/security.md ---
@@ -6,7 +6,20 @@ title: Security
* This will become a table of contents (this text will be scraped).
{:toc}
-# Spark RPC
+# Spark Security Overview
+
+Security in Spark is OFF by default. This could mean you are vulnerable to
attack by default.
+Spark supports multiple deployments types and each one supports different
levels of security. Not
+all deployment types will be secure in all environments and none are
secure by default. Be
+sure to evaluate your environment, what Spark supports, and take the
appropriate measure to secure
+your Spark deployment
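Review bot: the added overview gives the reader nothing to act on; "Security in Spark is OFF by default" is followed only by "evaluate your environment" with no pointer to the settings or sections that turn security on, so consider ending the paragraph with forward links into the rest of this document. Wording on the `+` lines also needs a pass: "multiple deployments types" should read "deployment types", "take the appropriate measure" should be "measures", and the final line `+your Spark deployment` is missing its period. Since `-# Spark RPC` is removed here, confirm that the RPC section which followed still starts with its own heading after the new overview.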
--- End diff --
Nit: period at end. I do like highlighting security issues. This reads now
like a simple disclaimer: security isn't on, it's your responsibility, Spark
isn't secure out of the box, we can't secure everything for you, don't blame
us, etc. That may be true but I think it's more constructive here to make this
a list of N key security issues and what to know, as forward pointers into the
document. Like, along the lines of:
- Enable `spark.authenticate.secret` to encrypt communication with the
master
- Note that REST API isn't secured
- Use firewall rules to restrict access to key ports
- ...
... with links
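One way to turn the checklist sketched above into something a deployer can run, as an added example that is not part of this review thread and not Spark's own tooling: a small audit of a `spark-defaults.conf` that reports when authentication is off or the standalone master's REST server is explicitly enabled. The keys `spark.authenticate`, `spark.authenticate.secret` and `spark.master.rest.enabled` are real Spark configuration properties; the parser, the finding messages and the two sample files are this example's own, and the sample secret value is a placeholder.

```python
# Added example (not Spark code, not from the PR): audit a spark-defaults.conf
# for the items in the review comment above.
#   spark.authenticate / spark.authenticate.secret -> RPC authentication (Spark config keys)
#   spark.master.rest.enabled                      -> standalone master REST server (Spark config key)
# Firewall rules cannot be checked from this file, so they are only mentioned in a finding.
import re
from typing import Dict, List

# spark-defaults.conf lines look like "key value" or "key=value"; '#' starts a comment.
_LINE = re.compile(r"^([^\s=]+)\s*=?\s*(.*)$")

FINDING_NO_AUTH = "spark.authenticate is not true: RPC connections are unauthenticated"
FINDING_NO_SECRET = "spark.authenticate is true but spark.authenticate.secret is empty"
FINDING_REST = ("spark.master.rest.enabled is true: the REST submission API is unauthenticated,"
                " restrict its port with firewall rules")


def parse_spark_conf(text: str) -> Dict[str, str]:
    """Parse key/value pairs out of spark-defaults.conf text (both separators accepted)."""
    conf: Dict[str, str] = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        m = _LINE.match(line)
        if m:
            conf[m.group(1)] = m.group(2).strip()
    return conf


def audit_spark_conf(conf: Dict[str, str]) -> List[str]:
    """Return a list of findings; an empty list means none of the checks fired.

    Absence of spark.authenticate is treated as 'false', which is Spark's default.
    The default of spark.master.rest.enabled has changed between Spark versions,
    so only an explicit 'true' is flagged here (assumption of this example).
    """
    findings: List[str] = []
    if conf.get("spark.authenticate", "false").strip().lower() != "true":
        findings.append(FINDING_NO_AUTH)
    elif not conf.get("spark.authenticate.secret", "").strip():
        findings.append(FINDING_NO_SECRET)
    if conf.get("spark.master.rest.enabled", "").strip().lower() == "true":
        findings.append(FINDING_REST)
    return findings


# Constructed sample: a file left at Spark's defaults, with the REST server switched on.
WEAK_CONF = """
spark.master                 spark://master:7077
spark.master.rest.enabled    true
"""

# Constructed sample: authentication on with a shared secret, REST server off.
# The secret below is a placeholder; generate a long random value in practice.
HARDENED_CONF = """
spark.master                 spark://master:7077
spark.authenticate           true
spark.authenticate.secret    replace-with-a-long-random-secret
spark.master.rest.enabled    false
"""

if __name__ == "__main__":
    for name, text in (("weak", WEAK_CONF), ("hardened", HARDENED_CONF)):
        print(name + ":")
        for finding in audit_spark_conf(parse_spark_conf(text)) or ["no findings"]:
            print("  -", finding)
```

Running it on the two constructed files shows the point of the review comment: the weak file, which is what a fresh installation looks like, produces findings for both unauthenticated RPC and the exposed REST API, while the hardened file produces none. Note that `spark.authenticate` without a matching secret is reported separately, since the flag alone does not secure anything.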
---
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]