Directory Management

Working Directories

The default working directory for both new R sessions and new R projects is the user’s home directory (~). You can change this behavior via the session-default-working-dir and session-default-new-project-dir configuration parameters within the rsession.conf config file.

For example, the set the default values to “~/working” and “~/projects” you’d use the following configuration:

# /etc/rstudio/rsession.conf

You should ensure that users have the permissions required to write to the specified default directories. The specified directories will be automatically created if they don’t already exist.

Note that these settings control only the default working and new project directories (users can still override these settings locally if they choose to).

Restricted Directories

Like most IDEs, RStudio allows users to open and edit any file to which they have read or write permission (respectively) at the filesystem level. However, in some environments it’s important to restrict access to system files from web front ends. RStudio can optionally enforce a restrictive mode for most directories, which will prevent users from using the IDE to open files in the directories. This is enabled by the restrict-directory-view option as follows:

# /etc/rstudio/rsession.conf

When enabled, RStudio users will only have access to open files from the following in the IDE:

  • Home directories
  • R and R library directories
  • RStudio-specific directories
  • User/session specific temporary directories

If you wish to allow users to open and view files in a directory that RStudio would ordinarily forbid access to, you can change the directory-view-allow-list setting. This setting accepts a list of directories to enable access to, separated by :. For example, if you wish to allow users to open files from /var/run and /usr/share/examples:

# /etc/rstudio/rsession.conf

Note that this setting only applies to RStudio’s IDE web interface. Users will still have access to other files on the system using R itself and/or the Terminal interface. Follow security best practices by relying on operating system-level file permissions, not front end restrictions, to guard access to sensitive content and files.