Github user rvesse commented on a diff in the pull request:
https://github.com/apache/spark/pull/23013#discussion_r234144540
--- Diff: docs/running-on-kubernetes.md ---
@@ -15,7 +15,19 @@ container images and entrypoints.**
# Security
Security in Spark is OFF by default. This could mean you are vulnerable to
attack by default.
-Please see [Spark Security](security.html) and the specific security
sections in this doc before running Spark.
+Please see [Spark Security](security.html) and the specific advice below
before running Spark.
+
+## User Identity
+
+Images built from the project provided Dockerfiles do not contain any
[`USER`](https://docs.docker.com/engine/reference/builder/#user) directives.
This means that the resulting images will be running the Spark processes as
`root` inside the container. On unsecured clusters this may provide an attack
vector for privilege escalation and container breakout. Therefore security
conscious deployments should consider providing custom images with `USER`
directives specifying an unprivileged UID and GID.
--- End diff --
I would like this PR to go in first as this will also want back porting
as-is to branch-2.4
Then in PR #23017 I will update the docs to explain the new defaults, how
to customise etc. before that gets merged into master
---
---------------------------------------------------------------------
To unsubscribe, e-mail: reviews-unsubscr...@spark.apache.org
For additional commands, e-mail: reviews-h...@spark.apache.org
