I am setting up a new instance of RStudio Server Pro in a secure environment. I would like users to be able to install any packages from CRAN but not be able to install anything else (e.g. packages on Github).
Does this seem reasonable from a security standpoint?
What is the best way to implement this?