I was under the assumption that the only authorized SystemLink clients would be authorized to access a package repository feed on my SystemLink server. However, it appears that there's no security scheme in place and anyone with the repository feed URL can register it in NIPM and download+install packages.
Am I missing something? Is there a way to secure the repository/feed?
We technically have the ability to secure the feeds hosted from SystemLink, but NI Package Manager currently lacks the ability to allow you to provide a password when accessing them so it wouldn’t do you much good in the meantime. I’ll check to see if that is something on their roadmap.
This is very important, IMO.
Right now, the only way (work-around) have for securing a feed is to use obscure URLs. We're considering adding onto this by using a Skyline Tag to store the current feed URL (and the n have our clients run a LabVIEW program that reads this tag and manages the registration of that feed with NIPM on the client), which at least gives us the ability to at least change the feed URL in the future, if we think that the obscure URL might have been leaked somehow -- only clients that are connected/authorized through SystemLink can read the tag, so that provides our system of securing the new feed URL.
Using HTTPS connections would be great!
This is also an issue in the world of IoT and making the required secure connections to cloud servers.
I think this would be a great topic to bring up in the Idea Exchange! The Idea Exchange is directly monitored by our development team, and we use it as a pipeline for improvements for future versions of products. It's a great way to interface directly with our R&D team to get new features added.
That would be great if there was a clear place for software like Systemlink and NI Package Manager in the idea exchange.
I tried to find it, but couldn't. Hope you can point me to the proper one.
Sure thing! Both SystemLink and the NI Package Manager are eligible to have ideas posted in the "Additional NI Software Idea Exchange", which I've linked here for you. Let us know if you have more questions!
Since we don't have a specific SystemLink section of the idea exchange, we are accepting feedback for SystemLink on this forum. This may be subject for change in the future but for now this forum is a great place to provide feedback.
I have successfully connected to an HTTPS-hosted feed using basic auth in the feed URL. I think this showed up in NIPM 18.5? Either way basic auth seems to work.