I have a file which is infected with a virus, my java program opens a fileinputstream to that file and then subsequently loads it into an oracle db as a BLOB using setbinarystream method of preparedstatement, is there any virus threat to my system on which I am doing this activity ? I know that I am not executing the file and there is no threat - but still, i have to write some solid justification to my manager, any official links/material will be helpful.
Please note that this activity is being done in unix enviornment.
Well, first off, is it a UNIX virus or a Windows virus? If it's a Windows virus, then of course it poses no threat at all no matter what you do with it. It only infects Windows!
If it's a rare UNIX virus, then I suppose it's conceivable that something as simple as reading the file could, indeed, include a risk. For example, if the attack vector is the operating system's I/O routines, or the Oracle database software, then sending the file through might infect the machine. But the code would have to specifically be designed to work this way, and frankly, I've never heard of a virus that infected a UNIX kernel by merely being read or written from a file -- I'm not sure such a thing is possible.