If the port 7077 is open for public on your cluster, that's all you need to take over the cluster. You can read a bit about it here https://www.sigmoid.com/securing-apache-spark-cluster/
You can also look at this small exploit I wrote https://www.exploit-db.com/exploits/36562/ Thanks Best Regards On Wed, Dec 16, 2015 at 6:46 AM, Judy Nash <judyn...@exchange.microsoft.com> wrote: > Hi all, > > > > Does anyone know of any effort from the community on security testing > spark clusters. > > I.e. > > Static source code analysis to find security flaws > > Penetration testing to identify ways to compromise spark cluster > > Fuzzing to crash spark > > > > Thanks, > > Judy > > >
