Earlier this week, Pivotal® announced a security vulnerability specifically affecting the gphdfs protocol within their Greenplum Database® product. The vulnerability report can be read in its entirety here. The suggested remedy is to upgrade to Pivotal Greenplum® 220.127.116.11, the latest version as of this writing.
The gphdfs protocol allows customers the ability to query data from their existing Hadoop clusters via Greenplum External Tables. A couple tricks to audit your external tables to identify if your environment utilizes the gphdfs protocol:
- \dx (describe external tables)
- Query the catalog to pull out external tables where the location field includes gphdfs within it
Greenplum includes gphdfs functionality out of the box, however, additional pre-requisite configuration such as the installation of necessary Hadoop packages, Java configuration, and GUC parameter configuration within the Greenplum environment is required. It’s likely you have a good idea of whether or not you utilize gphdfs functionality within your environment but the steps above should help validate. If your environment is affected, please upgrade to the latest version of Greenplum as soon as conveniently possible.
Contributed by Jon Ernster – zData Senior Platform Architect