Github user vanzin commented on the issue:
https://github.com/apache/spark/pull/22852
I'm fine with this, although I wonder if having a stronger wording about
Spark standalone just not being secure would be better. Even if you enable
auth, everybody needs to know the same auth secret, which is not optimal. It
gives you a little bit of security, but not much. No isolation or anything.
I'm also generally skeptical that people read and follow these things, but
at least it's there. :-)
(And just to comment on a previous comment by Sean, just enabling auth does
not enable encryption.)
---
---------------------------------------------------------------------
To unsubscribe, e-mail: reviews-unsubscr...@spark.apache.org
For additional commands, e-mail: reviews-h...@spark.apache.org
