How to pass the /unsafe flag to the C# compiler when building an SSDT Project with Visual Studio 2017
Question
Prefix: Please let's no get all tangled up in should I do this , nor if it is supported. Microsoft provide the Unsafe permission set for exactly this purpose
A CLR assembly created with PERMISSION_SET = UNSAFE may be able to access external system resources, call unmanaged code , and acquire sysadmin privileges.
https://docs.microsoft.com/en-us/sql/t-sql/statements/create-assembly-transact-sql
Now, onto the question:
So, conventional wisdom holds that, when one wishes to use an unsafe code block such as
unsafe {
fixed (char* passwordChars = password) {
var securePassword = new SecureString(passwordChars, password.Length);
securePassword.MakeReadOnly();
return securePassword;
}
}
One simply checks the checkbox in the Build options and off one trots:
However, I'm at a total loss to understand how one does it when one's building a SSDT SqlProj project. Here's the build ( SQLCLR Build ) options for that project type:
So, aside from the usual "Danger, Danger, Will Robinson" type warnings, is this even possible with a SqlProj project type? And yes, I am building unsafe code and yes, I am signing the code, using an asymmetric key and login with Unsafe rights attached to it.
All that aside, how the heck you pass this onto the compiler command line? Also, I'm not against modifying the sqlproj file if that's what it takes.
Thoughts
If I have to I suppose I might be able create another assembly, outside of the SqlProj format with this code in and load that to Sql Server as an assembly that I then reference. It just seems odd that the SqlProj project format specifically prohibits this flag being set.
1 answers
solution1
0 ACCPTED 2017-10-29 16:08:53
The UI will not expose the option, but the project file still supports it (along with any other option you can pass to the compiler).
In VS, right-click the project and choose "Unload Project", then right-click again and choose "Edit project". In the main <PropertyGroup> block, add
<AllowUnsafeBlocks>true</AllowUnsafeBlocks>
Save, reload the project once more, and it should now build unsafe blocks without complaint.
Note that PERMISSION_SET = UNSAFE is much broader than what C# calls "unsafe". Even doing something in verified managed code that might nevertheless compromise the stability or throughput of the engine (like threading) is prohibited under PERMISSION_SET = SAFE (prior to Code Access Security getting abandoned and complicating things a lot, that is).
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.