why to change the priority of rule in Exclusion part with v5.8 beta?

According to my test, new beta version has changed the priority of rule in programs’ Exclusions. Now the priority, “Allow”<“Block”.

I think, someone may think that it can get more safty. Maybe they are right. But I believe that there is just very little to enhance the safety. And on the contrary, it makes huge inconvenience to make Exclusions of rules.

For example, I block firefox.exe to create “.exe” in all of my partitions, but only my download folder. As before, I only need to make a rule in Exclusion of block, “*.exe”, and make a rule in Exclusion of Allow, “x:\download*”. That’s ok because with priority, “Allow” >“Block”.

But with new beta CIS, I cannot make rules easily. And what’s more, I don’t know how to make rules to accomplish my such purpose.

Or is it avaliable to add an option to let users choose the priority?

Can you see if the FF rule you made is placed somewhere above a rule with name “All Applications”? If not move it there and try again.

Many thanks for your reply. I tried twice. But it is the same wherever the FF rule is above the rule of “All Application” or not.

How do you make it block in the current situation now you cannot use the wildcard *.exe anymore?

I think that you have not understood what I said.

In 5.8beta, CIS firstly executes the rules in “block”, *exe; and then does the rules in “allow”. So go to my sample. When I download A.exe from a website by FF, now CIS execute the rules that blocks to create A.exe because the rule in “block” is *.exe. Now there is no chance to execute the rule in “allow”, “x:\download*”, so FF has no chance to create A.exe in x:\download.

But before 5.7 (including 5.7), CIS firstly execute the rules in “allow”. So FF can download A.exe in x:\download.

Now the problem which the 5.8beta makes is very huge because the change of priority makes some rules impossible.

For another example, I need x.exe cannot creat, modify and delete any file in x:, including subfolders, but x:\a\ and its subfolders.

With 5.7 and earlier version, it is very simple. the rules are follows, only two rules,

in x.exe’s exclusion “allow” rule, to create rule, “x:\a*”
in x.exe’s exclusion “block” rule, to create rule, “x:*”

That’s ok.

But with 5.8, you have no idea to achieve it. The change of priority makes it impossible.

Thanks for the explanation. I now understand what is going on.

Since I am not sure this is by design so I would suggest to post it in the release topic and drop egemen a pm to ask to comment on the change. He can tell if it is by design or by mistake.

I highly appreciate your effort. Please let me know as soon as you get any reply.

If it did be designed, I think, it brings much more disadvantages than advantages.

Indeed. It has been changed to make BLOCK priority higher than ALLOW. But it seems it might bring issues to the users such as yourself.

So we will return it back to its old settings.

highly appreciate it, egemen!

Thanks for your feedback.

anytime ;D

by the way, new beta will be released soon?

Possibly next week.

wonderful! ;D