[Rd] virus and malicious code

Uwe Ligges ligges at statistik.tu-dortmund.de
Mon Aug 6 15:39:06 CEST 2012

On 06.08.2012 15:09, David L Lorenz wrote:
> Hi,
>    A question has come up within a user group about the possibility of
> viruses or other malicious code being embedded within any package served
> from CRAN. How much checking is done to guard against this?

Of course, CRAN cannot guarantee that packages are free of malicious 
code, otherwise manual inspection of the code of almost 4000 packages 
with dozens of updates and new submissions a day would be necessary.

CRAN does some checks on the precompiled binaries for viruses, but again 
cannot give guarantees. Please use the normal precautions with 
downloaded executables.

Uwe Ligges

> I do not
> expect any kind of response about picking up R code from any other source,
> like gitHub. Thanks.

> Dave
> 	[[alternative HTML version deleted]]
> ______________________________________________
> R-devel at r-project.org mailing list
> https://stat.ethz.ch/mailman/listinfo/r-devel

More information about the R-devel mailing list