[Rd] R in sandbox/jail (long question)
Murray Stokely
murray at stokely.org
Thu May 20 20:21:12 CEST 2010
On Tue, May 18, 2010 at 7:38 PM, Assaf Gordon <assafgordon at gmail.com> wrote:
> I've found this old thread:
> http://r.789695.n4.nabble.com/R-in-a-sandbox-jail-td921991.html
> But for technical reasons I'd prefer not to setup a chroot jail.
>
I would also point out that the state of the art in the operating
system community has moved on significantly since 1982 when chroot was
added. BSD Jails, Solaris Zones/Containers, SELinux, etc. all provide
much more control over the system calls, network connections, and file
and device access granted to applications in different jails/zones.
These operating system capabilities solve exactly some of the problems
you are trying to solve by painstakingly modifying R, but in a more
secure and configurable manner.
- Murray
More information about the R-devel
mailing list