[R] Restricting R session

Antonio Rodriges antonio.rrz at gmail.com
Thu Jan 12 20:52:25 CET 2012


Thank you, Thomas,

> More precisely, there are several packages that could provide separate
> sessions, such as rserve and RApache.

Thank you, we tried RServe. RApache is new for me. I've checked it: R
access through Apache server. I also found interesting blog
http://www.stat.ucla.edu/~jeroen/ when I searched for RApache.
However, as you know, none of them supports security or is able to put
some constraints on the session.

> It used to be possible to impose memory-use limits on the R heap
> itself from R, but this didn't restrict malloc() allocation from C
> code. These are deprecated now (see ?Memory) and OS-based restrictions
> are recommended.  It has never been possible to restrict disk or CPU
> usage from inside R, and it's hard to see how R could do this more
> portably than the OS.
>
> <CUT>
> Securing the use of R probably has to be done outside R itself:
> control access via something like ssh, use ulimit to limit resources,
> and if you have to deal with potentially malicious users, run in a
> chroot jail.
>

Thomas, seems you are right - the best possible way to accomplish our
goals is to use operating system facilities.

Kind regards,
Antonio Rodriges



More information about the R-help mailing list