William Richards #SaveOurInternet wrote:
> Does a package only get compressed when it is updated or when the
> compressor used to compress it (e.g. Zstandard, XZ, etc.) is updated? I'm
> hoping this is only the case if the program itself gets updated because
> this would decrease the chance of exploits and backdoors.
> I'm asking this for a friend and they're extremely scared about this kind
> of thing.
I'm not sure of the exact question you are asking, so let me
explain a couple of things and you could ask further questions.
A Debian package is a particular kind of file archive: a file
that stores other files within itself, in a way which allows the
complete retrieval of the original other files.
You can read about the format with the command
$ man ar
You can inspect the properties of a specific .deb package (or
any other kind of file) with the file command. Here's an example
of the information it will tell you:
$ file maptool-1.7.0.deb
maptool-1.7.0.deb: Debian binary package (format 2.0), with control.tar.xz, data compression xz
So this particular .deb package has the XZ compression method
used on it. That method was set at the time the file was
written.
For any file that you or anyone else compresses, the resulting
compressed file is written to some kind of storage and we expect
it not to change after that unless deliberately written again.
In fact, Linux has several ways of writing files to storage,
each with various goals. The most common filesystem, ext4fs,
aims for a balance of features, performance, and general
structural integrity. If it gets damaged a little, the system as
a whole should keep running, even if files are lost.
Other filesystems have goals like "compatibility with other
systems" or "performance" as their highest ideal. There are
some, like ZFS, which prioritize "data integrity" as their top
goal. ZFS doesn't just write your data: it calculates integrity
codes for each file, stores the integrity information, and
re-verifies it on every read. If you give it multiple disks, it
can write the same file on multiple disks in a variety of ways
so that your files will survive the loss of one, two, or three
disks simultaneously.
But in all cases, once a file is written, whether it is
compressed or not, we expect to read back the same information
that we wrote. Anything else constitutes an error of some kind,
hopefully to be detected and in some cases corrected.
-dsr-
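
The ar layout mentioned in the message above can be read directly to see which compression a .deb was written with. This is an added example, not part of the original message; the function names are hypothetical and the sample archive is constructed inline with dummy member contents.

```python
AR_MAGIC = b"!<arch>\n"
HEADER_LEN = 60  # name 16, mtime 12, uid 6, gid 6, mode 8, size 10, end marker 2

def ar_members(blob):
    """Yield (name, data) for each member of an ar archive held in bytes."""
    if not blob.startswith(AR_MAGIC):
        raise ValueError("not an ar archive")
    pos = len(AR_MAGIC)
    while pos < len(blob):
        header = blob[pos:pos + HEADER_LEN]
        if len(header) < HEADER_LEN or header[58:60] != b"`\n":
            raise ValueError("bad member header at offset %d" % pos)
        name = header[0:16].decode("ascii").rstrip(" ").rstrip("/")
        size = int(header[48:58].decode("ascii"))
        start = pos + HEADER_LEN
        if start + size > len(blob):
            raise ValueError("truncated member %r" % name)
        yield name, blob[start:start + size]
        pos = start + size + (size % 2)  # members are padded to even offsets

def describe_deb(blob):
    """Return the format version and the compression of control and data."""
    members = list(ar_members(blob))
    if not members or members[0][0] != "debian-binary":
        raise ValueError("first member is not debian-binary")
    info = {"format": members[0][1].decode("ascii").strip()}
    for name, _ in members[1:]:
        for part in ("control", "data"):
            if name.startswith(part + ".tar"):
                # The suffix after ".tar" names the compressor ("" means none).
                info[part] = name[len(part) + 4:].lstrip(".") or "none"
    return info

def make_member(name, data):
    """Build one ar member (header plus padded data) for the sample below."""
    header = "%-16s%-12d%-6d%-6d%-8s%-10d" % (name, 0, 0, 0, "100644", len(data))
    return header.encode("ascii") + b"`\n" + data + (b"\n" if len(data) % 2 else b"")

# Constructed sample: same member names as a real .deb, dummy contents.
SAMPLE_DEB = (AR_MAGIC
              + make_member("debian-binary", b"2.0\n")
              + make_member("control.tar.xz", b"ctl")
              + make_member("data.tar.xz", b"payload!"))

if __name__ == "__main__":
    print(describe_deb(SAMPLE_DEB))
```

To inspect a real package, pass the bytes of the file, for example `describe_deb(open("maptool-1.7.0.deb", "rb").read())`.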