The RAppArmor package: Enforcing security policies in R using dynamic sandboxing on Linux

The increasing availability of cloud computing and scientific super computers brings great potential for making r accessible through public or shared resources. this allows us to efficiently run code requiring lots of cycles and memory,or embed r functionality into,e.g.,systems and web services. however some important security concerns need to be addressed before this can be put in production. the prime use case in the design of r has always been a single statistician running r on the local machine through the interactive console. therefore the execution environment of r is entirely unrestricted,which could result in malicious behavior or excessive use of hardware resources in a shared environment. properly securing an r process turns out to be a complex problem. we describe various approaches and illustrate potential issues using some of our personal experiences in hosting public web services. finally we introduce the rapparmor package: a linux based reference implementation for dynamic sandboxing in r on the level of the operating system.