Is it possible to run Shiny application without invoking Bash shell?

As per the official documentation, it seems like the shiny application’s R processes are spawned using Bash shell.

With my shiny application, I am getting Local File Inclusion (LFI) vulnerability wherein if I put “/etc/passwd” in one of the POST request, the application sends back the first line of that file.

I want to address this issue and one of the solution that I can think is running shiny application without Bash shell which will prevent the application to access local files.

Any help would be appreciated.


This topic was automatically closed 54 days after the last reply. New replies are no longer allowed.