VB.NET LevelFinal and Exclusive Attributes
In this article I will explain you about LevelFinal and Exclusive Attributes in VB.NET.
Some higher-level policies can choose to exclude lower policy levels so that they are not evaluated. Simply applying the LevelFinal or Exclusive attribute to a code group creates this exclusion.
The LevelFinal attribute prevents any policy level below the current level from being evaluated. Remember that the policy levels are the following from highest to lowest: enterprise policy, machine policy, user policy, application domain policy. If, for example, you apply the LevelFinal attribute to the zone code group at the enterprise level, the policy of any code group at the machine level will not be evaluated even if a machine-level administrator has made changes. Applying the LevelFinal attribute at a particular policy level, guarantees that an assembly associated with a code group marked with the LevelFinal attribute will never have its permissions revoked because of decisions made by a lower policy level's administrator.
The Exclusive attribute prevents other code groups in the same policy level from being considered when the runtime environment computes permissions for assemblies in the exclusive code group. Policy levels above and below the current level are still evaluated. This attribute allows one specific code group to make the sole decision for the current policy level regarding which permissions to grant to assemblies that match that group. This is useful when you want to grant a specific set of permissions to specific assemblies, without allowing permissions from other code group matches on the same policy level. Note that an assembly is not allowed to execute if it belongs to more than one code group marked as exclusive; otherwise, the system throws a PolicyException error.
Below example walks through creation of an example code group named xxx and the setting of a few properties with the mscorcfg.msc MMC tool.
Example of Application Directory Code Group
<CodeGroup class="UnionCodeGroup"
version="1"
PermissionSetName="FullTrust"
Attributes="Exclusive, LevelFinal"
Name="xxx"
Description="xxx description">
<IMembershipCondition class="ApplicationDirectoryMembershipCondition"
version="1"/>
</CodeGroup>
Conclusion
Hope this article would have helped you in understanding LevelFinal and Exclusive Attributes in VB.NET.