/CLRUNMANAGEDCODECHECK (Add SupressUnmanagedCodeSecurityAttribute)

/CLRUNMANAGEDCODECHECK specifies whether the linker will apply SuppressUnmanagedCodeSecurityAttribute to linker-generated PInvoke calls from managed code into native DLLs.



By default, the linker applies the SuppressUnmanagedCodeSecurityAttribute to linker-generated PInvoke calls. When /CLRUNMANAGEDCODECHECK is in effect, SuppressUnmanagedCodeSecurityAttribute is not applied.

The linker only adds the attribute to objects that are compiled with /clr or /clr:pure. The linker does not generate PInvoke calls in objects compiled with /clr:safe. For more information, see /clr (Common Language Runtime Compilation).

A PInvoke call is generated by the linker when the linker cannot find a managed symbol to satisfy a reference from a managed caller but can find a native symbol to satisfy that reference. For more information about PInvoke, see Calling Native Functions from Managed Code.

Note that if you use AllowPartiallyTrustedCallersAttribute in your code, you should explicitly set /CLRUNMANAGEDCODECHECK. It is potential security vulnerability if an image contains both the SuppressUnmanagedCodeSecurity and AllowPartiallyTrustedCallers attributes.

See Security Optimizations for more information about the implications of using SuppressUnmanagedCodeSecurityAttribute.

To set this linker option in the Visual Studio development environment

  1. Open the project's Property Pages dialog box. For details, see How to: Open Project Property Pages.

  2. Expand the Configuration Properties node.

  3. Expand the Linker node.

  4. Select the Advanced property page.

  5. Modify the CLR Unmanaged Code Check property.

To set this linker option programmatically

See Also


Setting Linker Options

Linker Options