add how to use ros2cli with security enclaves.
#4900
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Signed-off-by: Tomoya Fujita <[email protected]>
fujitatomoya
commented
Dec 10, 2024
|
|
||
| .. note:: | ||
|
|
||
| Avoid using ros2 daemon because it may not have security enclaves, and enough time duration should be given for the discovery in ROS 2 secured network. |
There was a problem hiding this comment.
technically we can start the ros2 daemon with security enclaves so that user ros2cli can just call xmlrpc to the daemon to get the discovery information. but I believe that using ros2 daemon would be security breach if user is not careful enough, because it inherits the authentication and permissions from administrator and developers who implicitly starts the ros2 daemon. see more details for ros2/sros2#315
|
HTML artifacts: https://github.com/ros2/ros2_documentation/actions/runs/12264223415/artifacts/2302222200. To view the resulting site:
|
fujitatomoya
added
the
backport-all
|
@clalancette @ahcorde @Barry-Xu-2018 could you review this? |
ahcorde
approved these changes
Dec 17, 2024
|
@ahcorde thanks for the review. |
mergify bot
pushed a commit
that referenced
this pull request
Dec 17, 2024
Signed-off-by: Tomoya Fujita <[email protected]> (cherry picked from commit 65868a5)
mergify bot
pushed a commit
that referenced
this pull request
Dec 17, 2024
Signed-off-by: Tomoya Fujita <[email protected]> (cherry picked from commit 65868a5)
fujitatomoya
added a commit
that referenced
this pull request
Dec 17, 2024
Signed-off-by: Tomoya Fujita <[email protected]> (cherry picked from commit 65868a5) Co-authored-by: Tomoya Fujita <[email protected]>
fujitatomoya
added a commit
that referenced
this pull request
Dec 17, 2024
Signed-off-by: Tomoya Fujita <[email protected]> (cherry picked from commit 65868a5) Co-authored-by: Tomoya Fujita <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
closes #4891