How to encrypt xaml file from 3rd party view when we handover to customer as a nupkg

Continuing the discussion from How to encrypt xaml file from 3rd party view:

Is there any possibility to protected complete project file when we handover to customer as a nupkg?

That is still a topic under discussion for many actually.

Till now, creating DLL files out out your code is the safest way to do so. Convert your workflows into the Library and that will serve as a protected package to be deployed in customer system.

According to me, having the use of Apps on Cloud Orchestrator will have a better isolation by limiting the Attended User access to nupkg. Obliviously, this will require UiPath Cloud and Apps.

But not safe for 100% - we have to tell also

1 Like

Yes @ppr surely not THE SAFEST but yes, currently the best we have.

Thanks for highlighting that :+1:

Ok, can rate everyone by its own -
but when from dll the source code can be inspected in less than minutes then it is also plausible if it is rated as unsafe in all

we should be carefully on applying the principle like I cannot see - it does not exist

The reason why we can tell it in this way is that we profit when exploit it. But we fail, when we have mandatory to rely on it

yes @ppr

That is basically adding one more step to access the actual code, as it needs to be decompiled.

I believe, those who want to get the code they will certainly get it some or the other way. And those who donā€™t wish to will not touch it even if it a xaml. But anyone asking what can be done, we are still suggesting this as an option, again not the safest.

Hence it is still a topic under discussion. May be we will have some rigid solution from UiPath or we may need to use Apps for attended mode to eliminate this risk.

thats fine and we have done our duties when we also inform about the risk

reverse engeeering vs. riding on a technology base (CIL/CLR Architecture) can be rated as different.

From the history we do know the motivation to integrate a securing layer on XML but it was not much progressing to a result due it has several security concerns

https://www.w3.org/TR/xmlenc-core/

1 Like