Github user vanzin commented on a diff in the pull request:
https://github.com/apache/spark/pull/23017#discussion_r233545844
--- Diff:
resource-managers/kubernetes/docker/src/main/dockerfiles/spark/entrypoint.sh ---
@@ -30,6 +30,10 @@ set -e
# If there is no passwd entry for the container UID, attempt to create one
if [ -z "$uidentry" ] ; then
if [ -w /etc/passwd ] ; then
+ # TODO Should we allow providing an environment variable to set
the desired username?
--- End diff --
@ifilonenko
> is there a security problem with running as root in an isolated container?
Other than it always being a horrible idea to run things as root, some
deployments may disable containers that run as root from working. And if they
do, and you mount some host directory into the container, the container has
full privileges over that directory, which can be an issue.
In general, it's better to just avoid doing things as root since it raises
more questions than it answers.
---
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
