If I was to obtain a database (in this case for postgresql) from an untrusted source, is there any risk in activating it and querying it?
There are plenty of possible attack vectors there, if that's what you're asking. Here are a few that I can think of off the top of my head:
Maybe the link to the database is actually a link to a hacked PDF file that will exploits some vulnerability in your Acrobat plugin (your PDF plugins are patched, right? this is a really popular attack vector lately).
If it's zipped, maybe it's really a zip bomb.
If it's a binary dump, maybe it's trying to exploit some bug in the restore process.
Maybe it contains malicious stored procedures that will drop your databases or scramble your passwords.
Maybe it's just a text dump that has a bunch of drop statements in it.
Practically speaking, It's not exactly low hanging fruit. Postgres is a niche product with a limited audience (developers who like postgres). I find it pretty unlikely that it a database dump would be used to deliver some kind of malware.
Whether it's "safe" depends on what "untrusted" means in this case. If you're really concerned, load it up in a virtual machine with networking turned off to limit the possible damage.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With