[R-sig-teaching] installing Rcmdr
tyler
tyler.smith at mail.mcgill.ca
Sun Feb 15 18:56:57 CET 2009
Prasenjit Kapat <kapatp at gmail.com> writes:
> On Sun, Feb 15, 2009 at 11:03 AM, tyler <tyler.smith at mail.mcgill.ca> wrote:
>> Ista Zahn <istazahn at gmail.com> writes:
>>
>>> I've found the version of R in the Ubuntu repository is almost always
>>> out of date. Here is the process I follow:
>>>
>>> 4) Start R from the command line as root so I can install packages
>>> system-wide: sudo R
>>
>> As an alternative, if you set the permissions on
>> /usr/local/lib/R/site-library to allow universal write access, you can
>> call install.packages() from R without having root privileges:
>>
>> sudo chmod o+w /usr/local/lib/R/site-library
>
> Is that a safe / secure?
I think the primary safety provided by granting only root access to
/usr/local/lib/R/site-library is that it prevents random users from
installing R packages. This is important if multiple users are depending
on the correct libraries being properly installed, but I think it's a
non-issue on single-user laptops. I don't think the security of my
system is any less than if I was installing my packages to ~/mylibs/,
which is what I do on my university's cluster.
In either case, an attack would require someone compromised my machine,
(or the R repositories) and the impact would be limited to the installed
R libraries (and everything else in ~/, of course, but that's the same
either way). Which makes it even more important not to run R as root.
I would welcome any corrections!
> BTW what are the permissions on /usr/local/lib/R? Mine's already set
> to 755 for the "user"!!! I though it used to be owned by root!
On my Debian machine, it's:
drwxrwsr-x 3 root staff 4096 2007-12-01 23:32 R
Cheers,
Tyler
--
Only YOU can stop forest fires.
More information about the R-sig-teaching
mailing list