> * People can and will randomly manipulate files to force the package
> manager to do weird things (it's even documented in various troubleshooting
> guides)
Well, obfuscating the database for the purpose of avoiding people to mess with
it doesn't sound like an overly good motivation. RPM headers would still be
binary and are signed, so you can't arbitrarily edit them like text files
anyways.
> * It is not possible to atomically update package information, nor
> provide any transactional qualities. This means also it's possible to have
> races all over the place, depending on filesystem and OS semantics.
I have no insight to the other database formats so can't comment on how that is
handled. For setups that never modify the running system but rather either
prepare images or modify snapshots the transactional capabilities of rpm do not
matter anyways. If anything goes wrong, no new snapshot/image gets produced.
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/issues/1151#issuecomment-609733671
_______________________________________________
Rpm-maint mailing list
Rpm-maint@lists.rpm.org
http://lists.rpm.org/mailman/listinfo/rpm-maint
