When Compiler Directives Aren’t Enough

If you’ve programmed for any length of time in .NET, you’re probably familiar with the DEBUG compiler constant that you can use to designate code to compile and run depending on your build configuration (e.g. Debug or Release).

But very often you don’t care about the configuration you’re running–what you do care about is distinguishing between you developing the software and the end user using it. In other words, you care whether you’re running in the IDE or not.

An example of when this would matter is if you accidentally publish in Debug mode, then the end user will get all your debug outputs, extra buttons, etc. You can mitigate this risk if your code is protected by a check for the presence of the debugger instead. This call is:

[csharp linenumbers=”false”]
System.Diagnostics.Debugger.IsAttached
[/csharp]

Now, the end-user can always load up your EXE in Visual Studio and attach a debugger instance, so don’t assume this call will protect anything super-sensitive in your program. But your code is very susceptible to a decompiler anyways, so always use compiler directives if you don’t want certain sections of your code to make it to the outside world.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.