amirm Posted August 1, 2014 Report Posted August 1, 2014 I am studying UniVision Licensing with webinar from youtube. Very good... I noticed that subroutines can be password protected, but screens cannot. In my humble opinion this is not secure, because other people can look at the screen objects, discover the address of variables, and then read or write values. Tables are also not password protected, so a developer cannot create a table with secret data, or write-protect against tweaking. It is not usefull to put a password, because anyone can call a screen or read a table with unprotected subroutines. Here is a suggestion, if you take the time. Allow the screens, tables, trends to be password protected, just like subroutines - can only view and edit in Visilogic after entering the password. Protected screens, tables, trends cannot be called by unprotected subroutines, or Links & Jumps of other screens. Any attempt will either fail or generate compilation error. When the program enters a protected subroutine it sets an internal "protection bit" (not an MB!!) When the program exits a protected subroutine, it clears the "protection bit". When a protected object is called, it first checks the "protection bit" - "Am I being called by a protected subroutine?" - Act or Fail. Actually it is a bit more complicated than that. A CALL will push the return address on the stack, and POP it when it finds a RET. So when a CALL happens, the "protection bit" must be pushed on a separate stack and be updated according to the subroutine being called - protected or unprotected. When the subroutine ends, the "protection bit" is popped from the stack and will recover it´s previous state before the call. This way you can call an unprotected subroutne from inside a protected routine, and everything works. The same could be done with operands, but it would take a little more tweaking.... First, each operand should be "protectable". The same way it can have a power-up value, it must have a check box that makes it protected. To get things started, Visilogic could protect all operands whose description starts with "PROTECTED", and hide the rest of description for safety. (Only if the user enabled "Automatic Operand Protection", right below "Create Ladder Password"...) Protected operands can only be used by protected subroutines, screens, trends, tables, etc. Protected operands cannot be read or written by Modbus, Online Test, etc. Any attempt of use of protected operand by unprotected object will either fail or generate compilation error.
greml1n Posted August 3, 2014 Report Posted August 3, 2014 I agree. I also have concerns that someone can edit data tables in Uniapps. It would be great if you had the option of making them read only
Cara Bereck Levy Posted August 6, 2014 Report Posted August 6, 2014 Hi Amir--you posted this in the UniLogic section, but UniVision licensing does not apply to UniStream, so I moved the topic:-)I have passed your requests to R&D--thanks!
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now