Is there any form of preventing a user from calling shell commands in R, particularly through the system()
function?
My security concern is that I offer to my users an online R environment through RStudio Server. Once logged in, they can execute malicious instructions such as system('cat /etc/passwd')
.
For instance, in PHP language we can restrict the usage of a group of functions by specifying them in /etc/php.ini
configuration file:
disable_functions=exec,passthru,shell_exec,system,proc_open,popen