particle-iot/spark-cli

~/.spark/spark.config.json permissions

Closed this issue · 6 comments

Since the ~/.spark/spark.config.json file has an access token that allows arbitrary access to a user's cores, it should be created with an explicit 600 mode rather than using the default umask to prevent another user on the system from stealing it.

@osresearch thank you for spotting this. Great point!

@emilyrose, that will apply to new .json file creations as well, since users are free to add more cloud profiles using `spark config`.

@kennethlimcp definitely. Let me get a PR together & you can tell me what you think.

@osresearch, @kennethlimcp have a look at #149 and let me know what you think.

Not at all proficient in java/nodejs so you guys definitely make a better call :)

I forgot to tag the PR, but a fix for this has been merged. Thanks @osresearch and @kennethlimcp for weighing in!