Downloading and using a database from an untrusted source?

Question

If I were to get the database (in this case for postgresql) from an untrusted source, is there a risk of activating it and querying it?

+5

Hoboben Aug 4 '10 at 2:42

2 answers

, , , , , PL/PythonU. , - , , , Postgres.

, , .

+1

rfusca 04 . '10 3:55

Seth · Accepted Answer · 2010-08-04T02:55:27+0000

There are many possible attack vectors, if that is what you are asking for. Here are some of them that I can think of from my head:

Maybe the database link is actually a link to a hacked PDF file that will exploit some vulnerability in your Acrobat plugin (your PDF plugins are fixed, right? This is really a popular attack vector lately).
If it’s stuck, maybe it’s really lightning.
, , .
, , .
, , .

, . Postgres - (, postgres). , - .

"", , "" . , , .