Home | Contact Us | FAQ | Search & Site Map | Link to Us
Sign In | Join | Other 45 Sites in Network
HomeAnnouncementsFree MagazinesWhite PapersSubmit Content
Discussion GroupsASP.NETWindows FormsLanguages.NET FrameworkVisual Studio.NET
Articles.NET FrameworkASP.NETToolsWindows Forms
.NET DirectoryOpen Source ProjectsUser GroupsWeb Resources
Related Topics
Visual Basic 6SQL ServerMS AccessOther DB ProductsMS Server ProductsMore Topics ...
.NET Forum / Languages / Managed C++ / October 2007

Tip: Looking for answers? Try searching our database.

The various levels of /CLI

Thread view: 
Enable EMail Alerts  Start New Thread
Thread rating: 
Peter Oliphant - 22 Oct 2007 16:13 GMT
My program works great in  'vanilla' /CLI, so I tried both '/CLI pure' and
/CLI 'safe'. My program continues to compile and run fine in 'CLI pure' (I
also use error level 4 and don't even get warning errors), but generates
almost 400 compile time errors in '/CLI safe'.

So, more out of curiosity, what are the advantages and disadvantages to each
'level' of /CLI? Since mine will compile and run in '/CLI pure' what am I
'getting' I wouldn't get if it only worked under 'vanilla' /CLI? Since my
program doesn't compile as in '/CLI safe', what am I not 'getting' because
of this?

Thanks in advance for responses!

[==Peter==]
Reply to this Message
codekaizen - 22 Oct 2007 19:06 GMT
> Since my
> program doesn't compile as in '/CLI safe', what am I not 'getting' because
> of this?

CLI / Safe means that the resulting program is pure managed (only containing
IL instructions, and no native CPU instructions), which is the same as CLI /
Pure. The "extra" thing Safe adds is that the program is _verifiable_ by the
runtime.

Verifiable code has certain advantages because it can be proven that claims
about types and methods are always true. In unsafe code, you can't verify
that a program won't access a type or memory location in a way that it wasn't
designed to do, and therefore may have unpredictable effects. Native code is
inherently unverifiable (since the runtime can only prove IL code compiled by
the JIT [or NGen'd]), and pointers are also unverifiable (since you can do
arbitrary arithmetic on them). Other languages which target the runtime (C#
and VB) produce verifiable code by default or even exclusively. C++/CLI is
much harder to do this with, and in my opinion isn't well suited for this
task - native / managed interop is by far its greatest strength.

The big "loss" is that you have to run your app in "fully trusted" mode,
which means that the code gets all the privileges the current logon session
has been granted. If it were verifiable, it could also be made to run in a
"partially trusted" mode, which gives the code less privileges than the logon
session, making the system more secure, and therefore potentially useful in a
wider variety of scenarios, such as from a partially trusted website.
Reply to this Message
Peter Oliphant - 22 Oct 2007 20:57 GMT
Cool! Thanx, codekaizen! :)

[==Peter==]

>> Since my
>> program doesn't compile as in '/CLI safe', what am I not 'getting'
[quoted text clipped - 34 lines]
> in a
> wider variety of scenarios, such as from a partially trusted website.
Reply to this Message

Free Magazines

Get these publications absolutely FREE for up to 12 months. There are no hidden fees and no obligation. Simply choose a title, complete the application form and submit it. Read more ...

Oracle MagazineNetwork ComputingComputer WorldBio-IT WorldeWeekInformation WeekInfosecurity
 
Sign In
Join
My Latest Posts
My Monitored Threads
My Blog
My Photo Gallery
My Profile
My Homepage
Start New Thread
Enable EMail Alerts
Rate this Thread



©2008 Advenet LLC   Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.