spark-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "t oo (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (SPARK-26998) spark.ssl.keyStorePassword in plaintext on 'ps -ef' output of executor processes in Standalone mode
Date Tue, 26 Feb 2019 23:11:00 GMT

     [ https://issues.apache.org/jira/browse/SPARK-26998?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

t oo updated SPARK-26998:
-------------------------
    Labels: SECURITY Security secur security security-issue  (was: )

> spark.ssl.keyStorePassword in plaintext on 'ps -ef' output of executor processes in Standalone
mode
> ---------------------------------------------------------------------------------------------------
>
>                 Key: SPARK-26998
>                 URL: https://issues.apache.org/jira/browse/SPARK-26998
>             Project: Spark
>          Issue Type: Bug
>          Components: Scheduler, Security, Spark Core
>    Affects Versions: 2.3.3, 2.4.0
>            Reporter: t oo
>            Priority: Major
>              Labels: SECURITY, Security, secur, security, security-issue
>
> Run spark standalone mode, then start a spark-submit requiring at least 1 executor. Do
a 'ps -ef' on linux (ie putty terminal) and you will be able to see  spark.ssl.keyStorePassword
value in plaintext!
>  
> spark.ssl.keyStorePassword and  spark.ssl.keyPassword don't need to be passed to  CoarseGrainedExecutorBackend.
Only  spark.ssl.trustStorePassword is used.
>  
> Can be resolved if below PR is merged:
> [[Github] Pull Request #21514 (tooptoop4)|https://github.com/apache/spark/pull/21514]



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@spark.apache.org
For additional commands, e-mail: issues-help@spark.apache.org


Mime
View raw message