[R-pkg-devel] .tar vs. binary builds
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 15-08-03 06:34 PM, Glenn Schultz wrote:
Hi Ben,
[Please keep the list cc'd in your replies.]
Thanks for answering so quickly. Basically, I want to be able to
distribute the package to users and testers some are on Mac others Windows. I am looking for the best way to do this but for the time being there are some classes which should not be extended. So the .tar being source may allow a user to uncompress the source and alter and export a class that needs to be protected from change. Basically, I want to open source a mortgage and asset backed valuation tool but there are certain classes that for now should not changed or extended. I don't know how expert your users are, or what kind of social/moral/administrative control you have over what they do with your code. Building binary packages does strip out some information, but since R is an interpreted language, the information needed to change/modify/extend the code would still be present for a sufficiently motivated user. You will definitely gain some degree of security/write-protection through obscurity, but not any real protection. R can be obfuscated, but it is not designed for being locked down; if you really need security, the general advice is to provide a front-end to the users via a server you control.
Glenn Sent from my iPhone
On Aug 3, 2015, at 3:43 PM, Ben Bolker <bbolker at gmail.com> wrote:
On 15-08-03 04:31 PM, Glenn Schultz wrote: Hello All, I have a package which I would like to distribute. However, there are some classes that are not exported if I provide a tar file can the user decompress the tar to the source and then export class. I am thinking the answer is year since the tar is source code. Conversely, a binary build would prohibit this - correct? Best Regards, Glenn
______________________________________________ R-package-devel at r-project.org mailing list https://stat.ethz.ch/mailman/listinfo/r-package-devel
Not really clear what your question is. If you distribute a source
package/'tarball' (i.e. .tar, typically compressed to .tar.gz) then
users can install via R CMD INSTALL [...] or within R
install.packages("...",repos=NULL). Then they'll have access to
everything that is exported via your NAMESPACE file. Can you be
more concrete/specific/clear about what you have in mind?
______________________________________________ R-package-devel at r-project.org mailing list https://stat.ethz.ch/mailman/listinfo/r-package-devel
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEcBAEBAgAGBQJVv/OIAAoJEOCV5YRblxUHfiMIAJwlKENYU3a2rj3npiJC59XO ZxeBVBhDnWGrPN9g+w4pimSFZhJ2QD5+WuyA/SiuLN9vlVjBfzo7VGjRBqDopsmt 7/j1ACfx2Jz2uvnUWmb7IRI2uEBR+yIezuQbY0m6gbzKIrDHT8PYXkNvBnRW1EkA c2T8C5pPocSCwyKCgqPARoCd16+Va6rzV1aCjuhJHk5tgH8a7IampP4dn9w/coRN CLzJEWpXhzP+9fhSaG5bdLm3cTgDxybPDwPAvkWFhmmKrd3kpf69jMYUxIkyqgu8 HkLX4BT6s5qvURvmT1DyAY2pztJWaX2Gd3n1aEUze91Du8yq85miiGexWUZTDPc= =uGhT -----END PGP SIGNATURE-----