On Mon, Dec 28, 2009 at 6:23 PM, Peterson, Eric B. <ebpeter...@usbr.gov> wrote:

> My guess is that we may run into problems due to R being open-source, leading 
> to a potential perception that the code might be poorly controlled. This 
> could be further complicated by the need for downloading additional 
> open-source packages.  At present, I am not aware of any open source software 
> that has passed through the approval process, though I am also not aware of 
> any policy against open-source.

 The 'Core' of R is code committed (and therefore 'controlled') by a
smallish group of people:

http://www.r-project.org/contributors.html

 The real problem would come when you start adding additional packages
from CRAN or R-forge or some other source. These are written by
hundreds or possibly thousands of people.

 I've not heard of any malicious code ever being found in an R
package, but maybe one day I'll sneak a back-door server into one of
mine and see how long before it gets spotted. I don't think any formal
review of CRAN package code is ever done (someone may prove me wrong
here, but there's zillions of lines of code in CRAN now).

Barry

______________________________________________
R-help@r-project.org mailing list
https://stat.ethz.ch/mailman/listinfo/r-help
PLEASE do read the posting guide http://www.R-project.org/posting-guide.html
and provide commented, minimal, self-contained, reproducible code.
