>SQLite security:
>It is one, if not the most secure, library out there. It is very hard to crack it, and it will not allow running any harmful code on a machine. It is used in almost anything with a computer, partially because of its security and reliability.https://www.blackhat.com/docs/us-17/wednesday/us-17-Feng-Man...
Yes, I have read https://www.sqlite.org/security.html , but
* I still don't believe it is possible to make SQLite secure as an exchange format, there is a long trail of vulnrs in it allowing to achieve an RCE triggered by just opening a maliciously crafted database file and SELECTing from it.
* IMHO quality metrics for a good RDBMS are different from the ones of a good archiver. Everything is a tradeoff and there is ain't no such a thing as free lunch. RDBMS are information retrieval tools, they require good performance on wide ranges of queries and are usually operated on trusted data, so sacrificing some amount of security for performance is a tradeoff good RDBMS have to make. Archivers also need to be performant, but they are almost always operated on files from untrusted sources (downloaded from the Internet from random web pages) and so first of all they need to be secure, and then queries for them are pretty limited (basically it is a key-value storage), so a good archiver should optimize storage format for that purpose.
I know that when one has a hammer, all problems look like a nail, but let's drive nails with hammers, not with microscopes ("drive nails with microscopes" is a Russian idiom, I hope you get its meaning).