You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@spark.apache.org by "t oo (JIRA)" <ji...@apache.org> on 2019/02/26 23:09:00 UTC

[jira] [Created] (SPARK-26998) spark.ssl.keyStorePassword in plaintext on 'ps -ef' output of executor processes in Standalone mode

t oo created SPARK-26998:
----------------------------

             Summary: spark.ssl.keyStorePassword in plaintext on 'ps -ef' output of executor processes in Standalone mode
                 Key: SPARK-26998
                 URL: https://issues.apache.org/jira/browse/SPARK-26998
             Project: Spark
          Issue Type: Bug
          Components: Scheduler, Security, Spark Core
    Affects Versions: 2.4.0, 2.3.3
            Reporter: t oo


Run spark standalone mode, then start a spark-submit requiring at least 1 executor. Do a 'ps -ef' on linux (ie putty terminal) and you will be able to see  spark.ssl.keyStorePassword value in plaintext!

 

spark.ssl.keyStorePassword and  spark.ssl.keyPassword don't need to be passed to  CoarseGrainedExecutorBackend. Only  spark.ssl.trustStorePassword is used.

 

Can be resolved if below PR is merged:

[[Github] Pull Request #21514 (tooptoop4)|https://github.com/apache/spark/pull/21514]



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@spark.apache.org
For additional commands, e-mail: issues-help@spark.apache.org