Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Security Alert when installing packages from the built-in R console #6226

Open
emilianomm opened this issue Feb 4, 2025 · 3 comments
Open

Security Alert when installing packages from the built-in R console #6226

emilianomm opened this issue Feb 4, 2025 · 3 comments
Labels
info needed Waiting on information

Comments

@emilianomm
Copy link

emilianomm commented Feb 4, 2025
edited
Loading

System details:

Positron and OS details:

Positron Version: 2025.02.0 (system setup) build 137
Code - OSS Version: 1.96.0
Commit: f4b7966
Date: 2025-01-30T15:18:06.013Z
Electron: 32.2.6
Chromium: 128.0.6613.186
Node.js: 20.18.1
V8: 12.8.374.38-electron.0
OS: Windows_NT x64 10.0.19045

Interpreter details:

  • R 4.4.2

Describe the issue:

When installing renv with install.packages("renv") I got a virus alert from Security Trend app. After that, the R interpreter remains in an unusable state.

Image

Steps to reproduce the issue:

  1. Install renv from the built-in R console with install.packages("renv")

Expected or desired behavior:

I would expect positron not to raise such alerts and be able to use it in an enterprise context.

Notes

  • My only work around has been to re install positron to get the R console to work after ark.exe got on quarantine.
  • To install packages I use R executed from the cmd with R.exe.
  • It may happen upon installing any other package really.
@juliasilge
Copy link
Contributor

Thanks for this report! Would you share with us anything that you see in "Details" there? These various kinds of security software can vary in how they evaluate apps, so something actionable would be very helpful for us.

With this same machine setup, do you need to do anything special with RStudio to allow it to install R packages? For example, run RStudio as an administrator or similar?

@juliasilge juliasilge added the info needed Waiting on information label Feb 5, 2025
@emilianomm
Copy link
Author

Hi Julia!

The Details link will get you to this help page on www.trendmicro.com.

As for my IDE, I have been using VSCode / Codium for a while and using R directly from the terminal. (pwsh.exe to be precise). Never have experienced something similar

@jmcphers
Copy link
Collaborator

Unfortunately the algorithm Trend Micro uses to detect "unauthorized file encryption" is not something we can see or change, so it is not possible for us to know what specifically in ark.exe is triggering it (very likely just opening a bunch of files during package install is the issue).

The best thing you can do here is grab a couple of activity samples and report them to Trend Micro. Here's how to do that:

https://success.trendmicro.com/en-US/solution/KA-0006659

Until Trend Micro fixes it, you should be able to just add ark.exe to an allow list to get it back online. Here's how to do that:

https://success.trendmicro.com/en-US/solution/KA-0006822

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
info needed Waiting on information
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@jmcphers @juliasilge @emilianomm