Hi Stefano, what exactly do you mean by a secure cluster? A Flink on YARN session in a secured YARN cluster? A standalone Flink cluster with access to a secured HDFS?
Your observation is right. We are not check if a job submitted by any user is running in the same security context as the Flink cluster. On Thu, May 5, 2016 at 11:57 AM, Stefano Baghino < stefano.bagh...@radicalbit.io> wrote: > Hello everybody, > > last week I've run some tests on a secure cluster and I noticed that an > unauthenticated user can submit a Flink job that will only eventually fail > if the job tries to access secured resources (e.g. HDFS). This doesn't > prevent however the user to consume resources of the secure cluster without > authentication (I tried it with the WordCount example). > > I'd say this is a bug; is there a reason for this? If you share my feeling > on this, I pinpointed the code that's responsible for this and the fix > seems trivial, I can open an issue and a PR today. Thanks! > > -- > BR, > Stefano Baghino > > Software Engineer @ Radicalbit >
