Community
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

iLogic Security Needed - ASAP

iLogic Security Needed - ASAP

iLogic is a very very powerful tool and I can't believe it has gone this long without any security features whatsoever. i can restrict a user from having access to edit Content Center but not iLogic?????? 

 

in Vault under global settings/Manage Access there needs to be User Roles for iLogic similar to Content Center.

  • iLogic Administrator
  • iLogic Editor
  • iLogic Consumer

As an iLogic Consumer I'd really like see all iLogic functionality in Inventor greyed out in read-only mode. 

Leaving this completely open for anyone from A-Z is like Autodesk telling all their partners around the globe you can develop tools for Inventor but everything has to be open source for everyone to see, copy and change when they want. 

 

now for the second part of iLogic security needed and I hope this hasn't happened to anyone yet. in iLogic you can type any VB.NET coding you want, and it will do anything you tell it including functions and operations outside of the Inventor Environment. for example, I can currently write a Rule in a Part file called "iProp_Update" and use the Event Trigger "After Open Document". In that rule yes, I have all the code to update the corresponding properties but what I can also do (and this is just to make my point, no I haven't done this) is write code that will send an email from the current user that has the file open to his/her boss telling them to take-off in a creative way. 

 

this might seem extreme but in reality, that is minor when you think about possibilities outside of your work environment meaning a lot of companies outsource engineering services to other companies around the globe for additional recourses. if a company was to contract an engineering job to a company thousands of miles away and said company has completed the job and sent all related cad files. if anybody in this scenario wanted to be malicious, they could write a rule that's triggered "After Open Document" to do whatever they want from A-Z. who needs Phishing emails when you can put it in an Inventor IPT file. 

 

With that said... Autodesk needs to create an iLogic Scanning Utility that can allow I.T. / CAD Admins the ability to scan all Inventor files for embedded iLogic rules without opening the file and if rules are found they can be previewed in the Utility window with the option to remove the rule without opening. 

 

if I can think of this, I'm sure hundreds of others have too and at some point, this scenario may be reality for an unlucky company.

 

Both of these Ideas seem like a no-brainer to Vote for Please vote for this.

 

@jchaisson2H9RZ - this post has been edited due to Community Rules & Etiquette violation.

1 Comment
MjDeck
Autodesk

@jchaisson2H9RZ , there is an option to disable iLogic rules that make .NET system calls. See the Security Options button near the bottom of the iLogic Configuration dialog (Tools > Options > dropdown at bottom > iLogic Configuration.)

In Inventor 2025, we enable this scan by default.

Can't find what you're looking for? Ask the community or share your knowledge.

Submit Idea  

Autodesk Design & Make Report