Script Security for R
The following mechanisms control security of Spotfire Service for R and to prevent users from running malicious scripts on the server.
- R engine in Docker containerization.
- Script access control.
Only users in the Spotfire license group Script Author can create R scripts. For other users to run the scripts, the scripts must be trusted (through the Manage Trust mechanism in Spotfire).
- Docker Containerization for R Scripts
Scripts running in a container have full access to the Docker container and have permission to do anything that is possible to do from within the container. The level of isolation a container provides depends on the Docker installation and the privileges given to these containers. - Conditions for Running R Scripts on the Spotfire Server
If you have Spotfire® Statistics Services configured to work with R, and you are moving to Spotfire Service for R, then your R script authors need to apply trust to the R scripts so they can run when the new service is active.
- Docker Containerization for R Scripts
Scripts running in a container have full access to the Docker container and have permission to do anything that is possible to do from within the container. The level of isolation a container provides depends on the Docker installation and the privileges given to these containers. - Conditions for Running R Scripts on the Spotfire Server
If you have Spotfire® Statistics Services configured to work with R, and you are moving to Spotfire Service for R, then your R script authors need to apply trust to the R scripts so they can run when the new service is active.
Parent topic: Spotfire Service for R
Related information