This documentation is archived and is not being maintained.

/CLRUNMANAGEDCODECHECK (Add SupressUnmanagedCodeSecurityAttribute)

/CLRUNMANAGEDCODECHECK specifies whether the linker will apply SuppressUnmanagedCodeSecurityAttribute to linker-generated PInvoke calls from managed code into native DLLs.


By default, /CLRUNMANAGEDCODECHECK is in effect, which means SuppressUnmanagedCodeSecurityAttribute is applied to linker-generated PInvoke calls. Specify /CLRUNMANAGEDCODECHECK:NO to not apply this attribute.

The linker only adds the attribute to objects that are compiled with /clr or /clr:pure. The linker does not generate PInvoke calls in objects compiled with /clr:safe. For more information, see /clr (Common Language Runtime Compilation).

A PInovke call is generated by the linker when the linker can’t find a managed symbol to satisfy a reference from a managed caller but can find a native symbol to satisfy that reference. For more information on PInvoke, see Calling Native Functions from Managed Code.

Note that if you use AllowPartiallyTrustedCallersAttribute in your code, you should explicitly set /CLRUNMANAGEDCODECHECK. It is potential security vulnerability if an image contains both the SuppressUnmanagedCodeSecurity and AllowPartiallyTrustedCallers attributes.

See Security Optimizations for more information on the implications of using SuppressUnmanagedCodeSecurityAttribute.

To set this linker option in the Visual Studio development environment

  1. Open the project's Property Pages dialog box. For details, see How to: Open Project Property Pages.

  2. Expand the Configuration Properties node.

  3. Expand the Linker node.

  4. Select the Advanced property page.

  5. Modify the CLR Unmanaged Code Check property.

To set this linker option programmatically