Re: [PR] [SPARK-51209][CORE][FOLLOWUP] Use `user.name` system property first as a fallback [spark]

via GitHub Thu, 13 Feb 2025 19:45:34 -0800


dongjoon-hyun commented on code in PR #49949:
URL: https://github.com/apache/spark/pull/49949#discussion_r1955515746



##########
core/src/main/scala/org/apache/spark/util/Utils.scala:
##########
@@ -2448,7 +2449,7 @@ private[spark] object Utils
     } catch {
       // JEP 486: Permanently Disable the Security Manager
       case e: UnsupportedOperationException if 
e.getMessage().contains("getSubject") =>
-        "spark"
+        System.getProperty("user.name", "spark")

Review Comment:
   This is the same case when you use `SPARK_USER=spark`.
   
   Security is already broken here when `getSubject` is disallowed, @yaooqinn .



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: reviews-unsubscr...@spark.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: reviews-unsubscr...@spark.apache.org
For additional commands, e-mail: reviews-h...@spark.apache.org

Re: [PR] [SPARK-51209][CORE][FOLLOWUP] Use `user.name` system property first as a fallback [spark]

Reply via email to