"Эксперимент с использованием SQLite в качестве контейнера для архивирования файлов"
Сообщение от Аноним (82), 26-Мрт-24, 02:21 
Noone sane uses statically-linked libs and sane distros would never accept anything using statically linked libs. It is unmaintainable shit. If a yet another critical RCE vulnr is found in your precious SQLite, then the lib in the distro will be upgraded, but your archiver (needed by nobody sane and kept only to make a check mark that they have it in the repo, if it got enough adoption) with statically linked SQLite will stay vulnerable.

We have enough pain in the ass with Python's pickle, which should be considered a backdoor. If your archiver gets any adoption, there will be a yet another backdoor. Yes, I consider your archive format as a backdoor, and the attempt to forcibly promote it, to the point you are tracking mentions of it on websites in foreign languages, as an attempt to promote a hard-to-remove (if it got adoption and there would be enough archives of your format with valuable unique content in the Internet, so users would have no other option, but to either use SQLite and tolerate the risk, or create an own impl of SQLite specifucally designed to deal with malicious databases securely) backdoor.

