What Does CFp Do With Files That Have Multiple Policies?

On my Win XP machine, I first noticed a weird issue with 3.0.20 when I setup custom file group policies. Every time CFP asks me to allow or block an exception for a new Run an Executable access right to one of my custom groups with policy set to Trusted & Protected Application (my custom policy = Trusted + the same protection settings as Comodo by default), it creates a second entry for that file with Custom rules that include the new exception (and fail to carry over other Trusted access rights or protection settings). It also does this with another custom group set to Trusted Application.

I’d really like to know what Comodo does when a file has multiple policies set, thanks. Maybe I should skip custom groups and set each file’s policy individually?

If you have a rule for a group of applications then Comodo cannot give an additional rule to one program in the group without adding a new entry for that program. The checking looks at the list of rules from the top down. If the action against the group says ask it carries on looking down to see if another rule tells if what to do. If the action says allow or block it stops looking down the list.

I have a group for all applications that directly access the internet (and could be exposed to malware) and a block certain things like disk access, install device driver and direct memory access. There are other rules for each individual application below for all the other actions. It appears to work fine.

Thanks. I expected that might be the case but needed confirmation.