skonto edited a comment on issue #24748: [SPARK-27872][K8s] Fix executor service account inconsistency URL: https://github.com/apache/spark/pull/24748#issuecomment-498066570 @felixcheung that is true yet the driver needs to create certain resources so it needs some privileges. So DoS is possible here by design before this PR and as you said it is not secure in that sense. On the other hand, afaik this is the case with other resource managers eg. mesos where you could potentially register an arbitrary framework and start accepting offers with the same privileges. Only quotas can restrict the misuse here so if there are no quotas user can do by definition whatever the account allows to. So it does not seem an issue.
---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected] With regards, Apache Git Services --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
