question
Erich Neuwirth wrote:
here is another question (kurt already knows about it). i would like to do a client server version of R where the server can run on a unix box and the client is excel ond a win machine. the easiest solution would be running a stdin-stdout version of the server through inetd. but this is vulnerable. so what is needed is a sandbox version of the server, where no acrtive access to the file system is open and where spawning processes is disabled. are there any plans for doing such a version?
You could have a look at some of the things Jeff Banfield did for Rweb (http://www.math.montana.edu/Rweb). He disabled some things to get a moderate increase in security, but as Thomas and Peter said, you really can't drop dyn.load and .C and with those more or less anything is open to someone who knows what they are doing. luke
Luke Tierney University of Minnesota Phone: 612-625-7843 School of Statistics Fax: 612-624-8868 313 Ford Hall, 224 Church St. S.E. email: luke@stat.umn.edu Minneapolis, MN 55455 USA WWW: http://www.stat.umn.edu -.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.- r-devel mailing list -- Read http://www.ci.tuwien.ac.at/~hornik/R/R-FAQ.html Send "info", "help", or "[un]subscribe" (in the "body", not the subject !) To: r-devel-request@stat.math.ethz.ch _._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._