Script Security & Restricted Execution Modes
The following mechanisms control security of the Spotfire® Enterprise Runtime for R - Server Edition (a/k/a the TERR™ service) and prevent users from running malicious scripts on the server.
- Restricted execution mode (REX).
- TERR engine in Docker containerization.
- Script trust and access control.
Only users in the Spotfire license group Script Author can create and mark Spotfire Enterprise Runtime for R scripts as trusted. For other users to run the scripts, the scripts must be trusted (through the Manage Trust mechanism in Spotfire).

Trusted scripts run in an unrestricted execution environment (no REX or container) unless the Spotfire Enterprise Runtime for R - Server Edition requires all scripts to run in restricted mode. Untrusted scripts always run in REX mode or in a container.
- Docker Containerization for TERR Scripts
  Spotfire® Enterprise Runtime for R (a/k/a TERR™) scripts that run in a container without restricted execution mode have full access to the Docker container and can do anything that is possible from within the container. The level of isolation a container provides depends on the Docker installation and the privileges given to these containers.
- TERR Restricted Execution Mode (REX)
  Scripts that run in restricted execution mode (REX) without container isolation run directly on the Spotfire Enterprise Runtime for R - Server Edition host, under the same user account that runs the node manager on which the service runs.
- Impact of Relaxing the Spotfire Enterprise Runtime for R - Server Edition Security Settings
  If you have scripts that cannot run in restricted mode because they need access to resources on the system or network, then you can change the settings to enable those scripts to run.