Commit Graph

19 Commits

Author SHA1 Message Date
mofeifei
43bfffd85e docs: update cn trans idf-docker-image 2023-11-30 12:18:40 +01:00
Frantisek Hrbata
647c485a76 feat(docker): allow to add paths into git's safe.directory
With 8959555cee7e[1] ("setup_git_directory(): add an owner check for the top..")
git added an ownership check of the git directory and refuses to
run any git commands, even parsing the config file, if the git directory
is not owned by the current user. The "fatal: detected dubious ownership in repository"
is reported.

This fixes CVE-2022-24765[2], which allows to compromise user account. On a
multi-user system or e.g. on a shared file system, one user may create a "rogue"
git repository with e.g. core.fsmonitor set to an arbitrary command. Other user
may unwillingly execute this command by running e.g. git-diff or
git-status within the "rogue" git repository, which may be in one of the parent
directories. If e.g. PS1 is set to display information about a git
repository in CWD, as suggested in Git in Bash[3], the user do not need to run
any git command to trigger this, just entering some subdirectory under
this "rogue" git repository is enough, because the git command will be
started transparently through the script used in PS1. The core.fsmonitor
can be set to arbitrary command. It's purpose is to help git to identify changed files
and speed up the scanning for changed files.

rogue
├── .git     # owned by user1
└── dir1     # owned by user2
    ├── dir2 # owned by user2
    └── .git # owned by user2

user1 sets core.fsmonitor for git repository in rogue directory
$ git config --add core.fsmonitor "bash -c 'rm -rf \$HOME'"

user2 enters dir1 and runs e.g. git diff and triggers the core.fsmonitor command.

The ownership check may cause problems when running git commands in
ESP-IDF Docker container. For example user may run the container as
root, but the mounted project may be owned by a particular user.

In this case git will refuse to execute any git command within the
"/project" directory, because it's not owned by root. To overcome this,
git allows to set safe.directories, for which the ownership check is
skipped. The security check may be completely disabled by setting
safe.directories to "*". This solution was proposed in PR 12636[4], but
it would allow make it possible to exploit this vulnerability again.

This fix allows user to specify git's safe.directory in IDF_GIT_SAFE_DIR
environmental variable, which may be set during container startup.

The IDF_GIT_SAFE_DIR has same format as PATH and multiple directories can be
specified by using a ":" separator. To entirely disable this git security check
within the container, user may set IDF_GIT_SAFE_DIR='*'. This might be
heplfull in CI.

Closes https://github.com/espressif/esp-idf/pull/12636

[1] - 8959555cee
[2] - https://nvd.nist.gov/vuln/detail/cve-2022-24765
[3] - https://git-scm.com/book/en/v2/Appendix-A%3A-Git-in-Other-Environments-Git-in-Bash
[4] - https://github.com/espressif/esp-idf/pull/12636

Signed-off-by: Frantisek Hrbata <frantisek.hrbata@espressif.com>
2023-11-30 12:18:40 +01:00
Roland Dobai
5f74dd2bb3 Merge branch 'docs/docker_image_flashing' into 'master'
docs(docker): Update Using Remote Serial Port chapter

Closes IDFGH-10856

See merge request espressif/esp-idf!25778
2023-09-07 18:05:48 +08:00
Cai Xin Ying
2fac98d2e0 docs:update format issues for files under api-guides 2023-09-07 15:26:05 +08:00
Jakub Kocka
e265c1f387 docs(docker): Update Using Remote Serial Port chapter
By default some shells such as zsh has NOMATCH option set (https://zsh.sourceforge.io/Doc/Release/Options.html).
The root cause of the problem is that while bash expands the parameter to itself if it does not match any filename, the zsh reports an error. IOW if we do % setopt nonomatch it will work even in zsh.

Closes https://github.com/espressif/esp-idf/issues/12060
2023-09-06 11:26:47 +02:00
Roland Dobai
3adee7ecf6 Merge branch 'contrib/github_pr_11987' into 'master'
idf-docker-image.rst: Run with current user ID instead of root. (GitHub PR)

Closes IDFGH-10773

See merge request espressif/esp-idf!25146
2023-08-21 13:16:59 +08:00
daiziyan
1c2a8a8917 docs: provide CN trans for idf-docker-image 2023-08-18 15:40:26 +02:00
radim.karnis
8acde05a5c feat: Drop Python 3.7 support 2023-08-08 08:37:29 +02:00
Jim Mussared
c7d5112771 idf-docker-image.rst: Run with current user ID instead of root.
Rather than running the command inside the container as root, which will
mean that any build artifacts created will be owned by root on the host,
run the command as the current user.

This requires setting a temporary home directory as idf.py will try to
access e.g. ~/.cache, so just use /tmp inside the container which is
ephemeral anyway.

This also allows the command to use `git`. without setting the user ID,
`docker run ... git status` will fail with
    fatal: detected dubious ownership in repository at '/project'

Also added the missing explanation for `-w /project`.

Signed-off-by: Jim Mussared <jim.mussared@gmail.com>
2023-08-01 11:27:34 +10:00
caixinying-git
caf3f6b5fb docs: provide CN translation for api-guides/tools/idf-docker-image.rst 2023-07-05 16:39:14 +08:00
Peter Dragun
64be67e59d docs(docker): update instructions for esp_rfc2217_server 2023-03-20 10:53:05 +01:00
Frantisek Hrbata
0788616626 docs: add info how to access serial port inside docker via rfc2217
On Windows/Mac the serial port cannot be access directly inside
docker container. This is already mentioned in the documentation.
This expands the documentation for steps which can be used to overcome
this limitation by using remote serial port access via telnet protocol.

Closes https://github.com/espressif/esp-idf/issues/10617

Signed-off-by: Frantisek Hrbata <frantisek.hrbata@espressif.com>
2023-02-21 15:02:48 +01:00
Ivan Grokhotkov
212cbc3fb6
tools/docker: add README.md file to be displayed on Docker Hub
Closes https://github.com/espressif/esp-idf/issues/7933
2022-05-26 03:44:13 +02:00
Ivan Grokhotkov
ec96adae2b
docs: document build arguments of the Docker image 2022-05-26 03:31:22 +02:00
Tomas Sebestik
fb12d03dc3 Drop Python 3.6 2022-02-10 07:20:52 +01:00
Roland Dobai
9c1d4f5b54 Build & config: Remove the "make" build system
The "make" build system was deprecated in v4.0 in favor of idf.py
(cmake). The remaining support is removed in v5.0.
2021-11-10 09:53:53 +01:00
Ivan Grokhotkov
20d93ac835 docs: remove note about v4.0 docker tag, use release-v4.0 as example 2020-02-18 14:02:46 +01:00
Ivan Grokhotkov
9be3cd883b docs: docker: add instructions for binding tools/kconfig to a volume
Closes https://github.com/espressif/esp-idf/issues/4790
2020-02-18 11:43:29 +01:00
Ivan Grokhotkov
83277fe0f2 docs: add tools section and IDF docker image page 2019-07-18 06:18:04 +00:00