We have a setup where we allow external users to run analysis tools through a UI. In this interface, some of the tools receive R objects as RDS as inputs. Is this safe or could someone inject malicious code calls (or other exploits) inside a provided RDS? We only use loadRDS and saveRDS, not the more general load and save that deal with the entire workspace.
Technically speaking, and RDS object is a single object of "anything". and in this function there would be a hidden system call, one you think of a possibility to introduce an exploit. The system() function will execute a command on the console as the user. This could be used to exploit the host system as long as the process running R has the access right doing so.
Example:
x <- function() {
system("echo EXPLOIT")
}
saveRDS(x, "x.RDS")
y <- readRDS("x.RDS")
y()
Of course y would needed to be executed in the code after the readRDS.
Let's say that you are reading in an S3 or S4 object with a function stored in the object. When the code would execute this function, the code could be run.
As in many programming languages, the input would need to be checked and checking if the object is of a certain class must be very tight (e.g. if you ask a tibble if it is a data.frame, it will respond TRUE). You might probably extract the values of the read in object and create a new one with the values OR you are really sure that there is no way possible that this is executed.
One could think of more creative exploits when eval is used.
Hope that helps.