| ROS Resources: Documentation | Support | Discussion Forum | Index | Service Status | ros @ Robotics Stack Exchange |
As per what I have seen here is that, any person who knows the ip address of core server can connect to it by just publish on any of the active topics. There are no tokens or anything to verify the identity of the sender.
Neither I did not see any mechanism for verification.
I am looking for this information. I may be wrong at this, since I have not too much experience with ROS.
I'd refer you to #q247267 for an initial answer.
Even though that asks about the difference between ROS 1 and ROS 2, I believe it will also answer your question (which is tagged as melodic, so ROS 1). Note that answer was written in 2016: SROS2 is a mature part of ROS 2 these days and the situation in ROS 2 is no longer "unclear" as I write in my answer there.
For ROS 1, see also wiki/Security.
To end with a quote (by @Brian Gerkey at the ROS-Industrial Conference 2016):
if you claim that you've found a security hole in ROS 1, you're lying: there is no security
Note (for you and other (future) readers): read the linked answer and the security wiki page. ROS does not take a cavalier approach to security, but for ROS 1, it was never a design driver or requirement. As security is hard to "bolt on" afterwards, focus for rectifying this situation is with ROS 2, not ROS 1.
SROS 2 is an integral part of ROS 2 with support for strong encryption, authentication, access control and key and certificate management. Robotics security: What is SROS 2? by Canonical gives a good overview (albeit somewhat dated already, as it's 2019). You may want to look at ROS 2 DDS-Security integration and ROS 2 Access Control Policies for the design documents as well.
My question here is little different, I think I missed to write proper question. My question was, there is no way that each ros node get the security by default. Security according to my view, should be the default nature. Without configuring extra modules. In this context, each ros node started should inherit some default security.
For example any OS offers default firewall settings. Which without any aggressive configuration works pretty well under normal situations. Yes there can be more intermediate to advanced level configurations, based on the need and hence it is to be done by the user.
In this way, my question goes into the direction that, whether ROS has any implicit security implemented.
Yes, it was really informative answer. Tool ros2 security is also much needed. I would love to explore some tutorials on ros2 security tool as well. If I can get that information. I tried ...
Here you can find some nice tutorials about SROS2: https://github.com/ros2/sros2 Check them out! :)
In this way, my question goes into the direction that, whether ROS has any implicit security implemented.
you'll have to be more specific. This question makes no sense for ROS 1 (or: the answer will always be: no). For ROS 2 this is different.
Without configuring extra modules. [..] For example any OS offers default firewall settings
The firewall on every OS I know is still an extra module.
As a general response to your comment: please read the design documents, explore SROS 2 and if you have further questions, post a new question here on ROS Answers or reach out to the authors/maintainers of SROS 2 on ROS Discourse and/or their issue tracker.
I would love to explore some tutorials on ros2 security tool as well
There are various ROSCon presentations about it (videos and slides avaialble on the ROSCon web site). You may want to reach ...
I would love to explore some tutorials on ros2 security tool as well [..] I tried from one of the wiki link you provided, but it was not a tutorial but rather an information.
wiki/Security is for ROS 1. SROS 2 is for ROS 2.
Asked: 2020-05-23 07:39:30 -0500
Seen: 272 times
Last updated: May 23 '20
ROS Answers is licensed under Creative Commons Attribution 3.0 Content on this site is licensed under a Creative Commons Attribution Share Alike 3.0 license.
