Strictly speaking Fedora doesn't make you do the first one, but it has been
*well* understood for a long time how fragile this is, which is why
offline updates were created.

Well, this is a surprise to me. I guess my faith in dnf was misplaced.

Here also. The DNF team has done an excellent job in obfuscating the horror IMO because (knock on wood) I've always been very impressed
with the features and functionality. Seems a shame that all those nice bells and whistles will now be hidden behind some GUI or pkcon.

I've been scrambling reading threads trying to understand what exactly the exposure is here. The only thing I could find that quantified the risk was in this KDE thread:

"...Updating online works 99.8% of the time. The 0.1%
time it will corrupt random bits of your file-system, and 0.1% of the
time it will leave you vulnerable to the security issue you thought
you just "fixed". The only way to fix this so that online updates are
safe is to redesign the centralised shared package model we use for
distributing applications. The workaround is to use offline updates..."