Generally it is never a good idea to run processes as root on any production machines. The main problem is the security problems not found or disclosed, so if someone malicious takes advantage of a vulnerability like the ones described below, they can first get in, and little by little escalate privileges with all the evil that entails. The harder you make it on the bad guys, the better. Think that what these people usually want is free computing capacity to mine cryptocurrencies, or create botnets, when not stealing confidential information that can be sold on the black market of your activities.
https://www.cvedetails.com/vulnerability-list/vendor_id-45/product_id-38954/apache-spark.html El vie, 10 jun 2022 a las 11:44, Rodrigo (<albam...@gmail.com>) escribió: > Hi Everyone, > > > > My Security team has raised concerns about the requirement for root group > membership for Spark running on Kubernetes. Does anyone know the reasons > for that requirement, how insecure it is, and any alternatives if at all? > > > > Thanks, > > Rodrigo > -- Alonso Isidoro Roman [image: https://]about.me/alonso.isidoro.roman <https://about.me/alonso.isidoro.roman?promo=email_sig&utm_source=email_sig&utm_medium=email_sig&utm_campaign=external_links>
