[
https://issues.apache.org/jira/browse/SPARK-16501?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15437539#comment-15437539
]
Alex Bozarth commented on SPARK-16501:
--------------------------------------
The first problem (web ui) was fixed by
https://github.com/apache/spark/pull/14484 as a follow up to SPARK-16796
> spark.mesos.secret exposed on UI and command line
> -------------------------------------------------
>
> Key: SPARK-16501
> URL: https://issues.apache.org/jira/browse/SPARK-16501
> Project: Spark
> Issue Type: Improvement
> Components: Spark Submit, Web UI
> Affects Versions: 1.6.2
> Reporter: Eric Daniel
> Labels: security
>
> There are two related problems with spark.mesos.secret:
> 1) The web UI shows its value in the "environment" tab
> 2) Passing it as a command-line option to spark-submit (or creating a
> SparkContext from python, with the effect of launching spark-submit) exposes
> it to "ps"
> I'll be happy to submit a patch but I could use some advice first.
> The first problem is easy enough, just don't show that value in the UI
> For the second problem, I'm not sure what the best solution is. A
> "spark.mesos.secret-file" parameter would let the user store the secret in a
> non-world-readable file. Alternatively, the mesos secret could be obtained
> from the environment, which other users don't have access to. Either
> solution would work in client mode, but I don't know if they're workable in
> cluster mode.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
