I suggest RAppArmor over the standard setup of AppArmor, and black-listing a few functions (which is a rather nasty way, but usually works) that should never be called in such shared environment. I did something with my sandboxR package, see some details at http://hackme.rapporter.net
@jcheng: not just "system" but e.g. a simple "readLines" call can also return funny stuff :)
