Github user vanzin commented on the issue: https://github.com/apache/spark/pull/22852 I'm fine with this, although I wonder if having a stronger wording about Spark standalone just not being secure would be better. Even if you enable auth, everybody needs to know the same auth secret, which is not optimal. It gives you a little bit of security, but not much. No isolation or anything. I'm also generally skeptical that people read and follow these things, but at least it's there. :-) (And just to comment on a previous comment by Sean, just enabling auth does not enable encryption.)
--- --------------------------------------------------------------------- To unsubscribe, e-mail: reviews-unsubscr...@spark.apache.org For additional commands, e-mail: reviews-h...@spark.apache.org