First a general comment, I'm really impressed with how "simple" this
actually looks particularly given you have been able to use an existing
archive format.
I assume when you mention ZIP as a format that was considered the JAR
variant of it was too.
I really have only one comment and that is about integrity protection of
the on disk format.
Lets assume for a moment that the package contents themselves are
cryptographically signed so they are covered.
However the archive format version doesn't have any additional integrity
protection. In particular there doesn't appear to be any protection
that the index is pointing to the correct places and there doesn't
appear to be any integrity protection of content like the pub.p5i file
that aren't actually package contents.
Is there really a risk here ?
Compare this to what ZFS does. It uses a Merkle tree of checksums going
all they way back to the uberblock.
--
Darren J Moffat
_______________________________________________
pkg-discuss mailing list
[email protected]
http://mail.opensolaris.org/mailman/listinfo/pkg-discuss