4.1.2 Security Best Practices for OML4R

Oracle recommends the security best practices in this section to minimize the risk of compromising the security of an OML4R Server in Oracle Database.

OML4R Server components in an Oracle Database instance include the locked and password-expired RQSYS schema, which contains and manages OML4R metadata. Users connect to OML4R Server through their database connection credentials. The RQADMIN role grants a user the privilege of creating R functions as scripts in the OML4R R script repository; those scripts can be executed using OML4R embedded R execution.

Oracle recommends the following security best practices.

  • Do not unlock the RQSYS schema or enable its login.

  • Grant the RQADMIN role only to database users who are responsible for creating and managing the R script repository.

  • Create private R scripts and grant access to other users as needed. Global R scripts are visible to and can be executed by any OML4R user.

  • Use parameters or the OML4R datastore to transfer data between embedded R execution scripts and Oracle Database. R scripts should not interact with the server file system or the network.

  • Set the OML4R embedded R execution memory limit properly based upon the Oracle Database server resources and usage patterns. The default value is 2 GB per connection.

  • Use the auto-connect feature (connect=TRUE) instead of providing explicit database credentials when connecting back to the Oracle Database server in an R script that uses embedded R execution.

  • Do not allow unauthorized R packages or C libraries to be loaded on the Oracle Database server for use in embedded R execution.

  • Load dependent shared libraries from the $ORACLE_HOME/lib directory to prevent the use of unauthorized libraries.
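
The first two recommendations can be checked from the data dictionary. The queries below are an added example, not part of Oracle's documentation; they assume the account running them can read the standard DBA_USERS and DBA_ROLE_PRIVS views. The second query goes beyond direct grants and also reports users who hold RQADMIN through nested roles.

```sql
-- Check 1: RQSYS should still be locked and password-expired.
-- Any status other than 'EXPIRED & LOCKED' is flagged for review.
SELECT username,
       account_status,
       CASE
         WHEN account_status = 'EXPIRED & LOCKED' THEN 'OK'
         ELSE 'REVIEW: RQSYS is not locked and password-expired'
       END AS finding
FROM   dba_users
WHERE  username = 'RQSYS';

-- Check 2: every database user who holds RQADMIN, either granted
-- directly (depth = 1) or inherited through a chain of roles (depth > 1).
-- Compare the result with the list of people who are actually
-- responsible for managing the R script repository.
WITH rqadmin_chain AS (
  SELECT grantee,
         granted_role,
         LEVEL AS depth
  FROM   dba_role_privs
  START WITH granted_role = 'RQADMIN'
  CONNECT BY NOCYCLE PRIOR grantee = granted_role
)
SELECT u.username,
       u.account_status,
       c.granted_role AS via_role,
       c.depth
FROM   rqadmin_chain c
       JOIN dba_users u
         ON u.username = c.grantee   -- keep users, drop intermediate roles
ORDER  BY u.username, c.depth;
```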