Writes a temporary Seatbelt profile and creates a wrapper shell script
that launches R inside sandbox-exec. The wrapper can be passed to
callr::r_session_options() via the arch parameter (which callr
uses as the path to the R binary).
Arguments
- socket_path
Path to the UDS socket
- r_home
Path to the R installation
- limits
Optional named list of resource limits (see
generate_ulimit_commands())
Value
A sandbox config list (see build_sandbox_config())