Github user tgravescs commented on a diff in the pull request:
https://github.com/apache/spark/pull/22852#discussion_r228544730
--- Diff: docs/security.md ---
@@ -6,7 +6,20 @@ title: Security
* This will become a table of contents (this text will be scraped).
{:toc}
-# Spark RPC
+# Spark Security Overview
+
+Security in Spark is OFF by default. This could mean you are vulnerable to
attack by default.
+Spark supports multiple deployments types and each one supports different
levels of security. Not
+all deployment types will be secure in all environments and none are
secure by default. Be
+sure to evaluate your environment, what Spark supports, and take the
appropriate measure to secure
+your Spark deployment
--- End diff --
I thought about this but this is very specific to a users environment. The
rest of the doc has the things you listed. We aren't responsible for securing
other things in their environment so I wasn't wanting to make it sound like it
was a comprehensive list.
---
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
