As a self-contained function execution server, the Spotfire
Statistics Services server included third-party and built-in security
mechanisms that prevented bad actors from running malicious code in its
environment. The Spotfire Statistics Services run as a service in a node
manager, so they rely largely on the trust mechanisms included with Spotfire.
When you install and configure the Spotfire Service for R, any R data
functions and scripts previously running on the Spotfire Statistics Services
server try to run on the Spotfire Service for R, regardless of the settings in
the Spotfire options. Because there is no local R engine to run data functions
and scripts locally in the Spotfire client, they all run using the Spotifre
Statistics Service on the node manager.
By default, members of the Script Author group can run their R data
functions and scripts. Spotfire client users who are not members of the Script
Author group cannot run R data functions and scripts—not even their own—until
they have been "trusted" by a member of the Script Author group. Members of the
Script Author group must use the Spotfire
Manage trust feature, and save the
trusted analyses to the library, so that others in the organization who use the
Spotfire clients can run the data functions and scripts, too. Data functions
and scripts that have already been trusted using the
Manage trust feature in Spotfire maintain that
trust.
Note: Spotfire Server administrators can bypass the default Spotfire
Server trust controls by setting certain trust options. Taking such a step must
be done with careful consideration, however. See
Trusting custom content in the Spotfire
environment in the
Spotfire® Server and Environment - Installation and
Administration guide for more information.
Note: The TERR service provides restricted execution functions specific
to TERR and the TERR service.
For more information, see
Manage trust and
Usage of Scripts and Data Functions in
the
Spotfire Client User Guide.