/CLRUNMANAGEDCODECHECK (Remove SuppressUnmanagedCodeSecurityAttribute)
/CLRUNMANAGEDCODECHECK specifies that the linker doesn't apply SuppressUnmanagedCodeSecurityAttribute to linker-generated PInvoke calls from managed code into native DLLs.
Syntax
/CLRUNMANAGEDCODECHECK
/CLRUNMANAGEDCODECHECK:NO
Remarks
By default, the linker applies the SuppressUnmanagedCodeSecurityAttribute attribute to linker-generated PInvoke calls. When /CLRUNMANAGEDCODECHECK is in effect, SuppressUnmanagedCodeSecurityAttribute is removed. To explicitly apply the SuppressUnmanagedCodeSecurityAttribute attribute to linker-generated PInvoke calls, you can use /CLRUNMANAGEDCODECHECK:NO.
The linker only adds the attribute to objects that are compiled using /clr or /clr:pure. However, the /clr:pure compiler option is deprecated in Visual Studio 2015 and unsupported in Visual Studio 2017 and later.
A PInvoke call is generated by the linker when the linker can't find a managed symbol to satisfy a reference from a managed caller but can find a native symbol to satisfy that reference. For more information about PInvoke, see Calling Native Functions from Managed Code.
If you use AllowPartiallyTrustedCallersAttribute in your code, you should explicitly set /CLRUNMANAGEDCODECHECK to remove the SuppressUnmanagedCodeSecurity attribute. It's a potential security vulnerability if an image contains both the SuppressUnmanagedCodeSecurity and AllowPartiallyTrustedCallers attributes.
For more information about the implications of using SuppressUnmanagedCodeSecurityAttribute, see Secure Coding Guidelines for Unmanaged Code.
To set this linker option in the Visual Studio development environment
Open the Property Pages dialog box for the project. For more information, see Set compiler and build properties.
Select the Configuration Properties > Linker > Advanced property page.
Modify the CLR Unmanaged Code Check property.