When I browse out to a file and save it as an attachment, does a copy of the file in its native format get saved in the KeePass database, encrypted with the same level of integrity, etc.? From what I can see when I attach a text file to an entry in KeePass, the content of the text file is copied and inserted into what appears to be an html document, and this new document gets saved, even though the attachment displays with the same ".txt" suffix. Yet, I can delete the original file in the directory without affecting the attached version. So, it is not really clear to me in regard to the mechanics of what is saved or how. Also, what level of encryption gets applied to it? Any thoughts along these lines would be appreciated.
The KeePass password database, including documents added to an entry's attachments section, is encrypted as a whole when the database is locked or closed.
KeePass has an internal viewer to securely view / copy data from attachments. No HTML required, just the native file contents.