Sanitizing R requests from web users
We are creating a web form that will allow (trusted) users to enter their own R-queries. They will analyze statistics on the database.
Questions:
- How dangerous is it in its basic form? I'm new to R, so what's the worst thing they could do? (Assuming the database connection is unprivileged).
- Is there an easy way to misinform the input to eliminate the biggest risks?
- Can the raw data be sanitized to the point where we could open it up to the public? For example, we could not risk DOS attacks.
+3
1 answer
Aggregation of comments above, plus messages from the mailing list thread pointed to by Josh O'Brien.
- Very. An unsecured R request can do whatever its process can do with the system() function.
- From the list, grepping requests for "system" and "eval" is useful (but can be easily bypassed by experienced R programmers). sandboxR takes this even further by adding additional security. But the experts on the list claim they can easily get around even that.
- It looks like no. Perhaps this could be done with whitelisting (i.e., provide a list of features that are approved and block everything else).
+1
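The whitelisting idea from the answer above, as an added example that is not part of the original post or of sandboxR: instead of grepping the text, it parses the submission and accepts it only if every call and every name in the syntax tree is on an approved list. The lists, the data frame `df` and its columns `value` and `group` are assumptions, and the sample inputs are constructed.

```r
# Added example. ALLOWED_CALLS, ALLOWED_SYMBOLS and the data frame "df" with
# columns "value" and "group" are assumptions, not part of the original post.
ALLOWED_CALLS <- c("(", "+", "-", "*", "/", "==", "!=", "<", ">", "&", "|",
                   "$", "c", "mean", "median", "sd", "sum", "length",
                   "summary", "table", "subset")
ALLOWED_SYMBOLS <- c("df", "value", "group")

# Returns NULL if the node is acceptable, otherwise a reason string.
check_node <- function(node) {
  if (is.call(node)) {
    callee <- node[[1]]
    # Only plain-symbol call heads are accepted, so pkg::fn(x), f()(x) and
    # anonymous functions are rejected without further inspection.
    if (!is.symbol(callee)) return("call head is not a plain name")
    fn <- as.character(callee)
    if (!fn %in% ALLOWED_CALLS) return(paste("call not on allowlist:", fn))
    for (arg in as.list(node)[-1]) {
      reason <- check_node(arg)
      if (!is.null(reason)) return(reason)
    }
    return(NULL)
  }
  if (is.symbol(node)) {
    name <- as.character(node)
    if (name %in% ALLOWED_SYMBOLS) return(NULL)
    return(paste("name not on allowlist:", name))
  }
  # Scalar constants produced by the parser (numbers, strings, TRUE/FALSE).
  if (is.atomic(node) && length(node) == 1) return(NULL)
  "unsupported syntax element"
}

# Parses the submitted text without evaluating it; any error fails closed.
validate_query <- function(code) {
  tryCatch({
    exprs <- parse(text = code, keep.source = FALSE)
    for (e in as.list(exprs)) {
      reason <- check_node(e)
      if (!is.null(reason)) return(paste("REJECT:", reason))
    }
    "ACCEPT"
  }, error = function(e) "REJECT: could not parse or inspect input")
}

# Constructed sample submissions.
samples <- c("mean(df$value)", "summary(subset(df, value > 10 & group == 'a'))",
             "system('id')", "eval(parse(text = 'mean(df$value)'))",
             "base::mean(df$value)", "do.call(fn, list(df))")
for (s in samples) cat(sprintf("%-50s %s\n", s, validate_query(s)))
```

Keep functions that take a function or code as an argument (the apply family, `Reduce`, `match.fun`) off the list. This check does nothing for the DoS concern in the question, which needs time and memory limits on the R process itself.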