Making any directories to be installed read-only, results in cpio /*So this may be indeed a cpio bug.*/ complaining about not being able to write into these directories [at ``rpm -U''-time]. Separating the act of writing files and the act of adjusting permissions [doing the latter bottom up, like GNU-``chmod -R'' does] would eliminate the problem. This feature is especially important, since in a non-root environment, the only means to protect your rpm installation from your own faults is file permissions.
This is mainly a packaging rather than an rpm issue. Most packages have directories that are "read-only" for (at least) others, and rpm installs those directories, and files therein, quite well. Rpm packages also include owners, groups and modes that can be different than those inside the gzipped cpio payload, so conforming to the tyranny of /bin/cpio (which rpm does not use to install packages) requirements is not an issue. Is the issue that you wish to package 0555 directories? If so, you should be able to install your package as root (the id that always has write permission) and package with non-root owner/mode for directories. If that is not the case, please reopen this bug with an example specfile that cannot install 0555 directories as root.