Github user mridulm commented on the issue: https://github.com/apache/spark/pull/17723 @vanzin While UGI does provide credential store and implementations for GSSAPI, it also does a bunch of other things - which are leveraged by hadoop ipc, hadoop common, etc. Leveraging ugi from a non hadoop env is always a potential risk - due to evolution of ugi to support hadoop usecases, expectations of hadoop api from ugi, and interaction between hadoop and non hadoop deployments (for example - a non hadoop based resource manager application interacting with a hadoop based service). As an implementation detail, mesos could be depending on UGI - but introducing this into core security should merit careful consideration. If possible, we should abstract things out so that use of UGI is an implementation detail of yarn and mesos (which, if I understand correctly, is the argument you made for current use of UGI by @mgummelt ) - while keeping core open to other implementations.
--- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and wishes so, or if the feature is enabled but not working, please contact infrastructure at infrastruct...@apache.org or file a JIRA ticket with INFRA. --- --------------------------------------------------------------------- To unsubscribe, e-mail: reviews-unsubscr...@spark.apache.org For additional commands, e-mail: reviews-h...@spark.apache.org