[1.3.0] Classic internet block not working at all

[RandomGOTI]

Describe what you noticed and did

WFP still works

• try to block all programs using the classic method in plus or via classic UI
• ...

Do PromptForInternetAccess=y and spam NO for extra humor

How often did you encounter it so far?

No response

Affected program

.

Download link

.

Where is the program located?

The program is installed only inside a sandbox (NOT in the real system anyway).

Expected behavior

.

What is your Windows edition and version?

Windows 7 Ultimate SP1 x64

In which Windows account you have this problem?

I use the built-in Administrator account.

Please mention any installed security software

None/WD disabled

What version of Sandboxie are you running?

Plus 1.3.0 x64

Is it a new installation of Sandboxie?

I just updated Sandboxie from a previous version (to be specified).

Is it a regression?

1.2.8

In which sandbox type you have this problem?

In a Standard isolation sandbox (yellow sandbox icon).

Can you reproduce this problem on an empty sandbox?

My sandbox contains existing programs or data.

Did you previously enable some security policy settings outside Sandboxie?

No response

Crash dump

No response

Trace log

No response

Sandboxie.ini configuration

No response

[DavidXanatos]

i cant reproduce this, what program are you using to test it?

[RandomGOTI]

i cant reproduce this, what program are you using to test it?

Tor browser installed inside the box and the media player installed outside , no program gets blocked from accessing the net with classic method, and if there is a allow list the PromptForInternetAccess will still trigger but yes/no choice has no effect for any process if the box is not using WFP but network devices

It's like reported #1955 (comment) here but TOR instead of not being able to connect at all it's reversed while still reported as a denied connection in 1.3.0
The message hidden with classic UI appears in the config as
1.3.0 (5.58.0) : SbieCtrl_HideMessage=1307,firefox.exe [Tor] *
1.2.8 (5.57.7) : SbieCtrl_HideMessage=1307,firefox.exe [Tor]

Ahem... and found the problem...UseRuleSpecificity=y turned it off and now Tor box is blocked if i use ClosedFilePath=InternetAccessDevices, also seems that 1.3.0 did fix SBIE2112 issue

Only 1 issue remain

ProcessGroup=<InternetAccess>,tor.exe,firefox.exe
ClosedFilePath=!<InternetAccess>,InternetAccessDevices

Still triggers PromptForInternetAccess but this time with RuleSpecificity disabled the yes or no choice have effect but the allow or blocklist via processgroup is ignored , no issues with WFP

[DavidXanatos]

aaaa.... RuleSpecificity=y that makes the difference indeed, to be exact this recent change:

• rule specificity is now even more specific a exact rule now overrules once that end with a wildcard

[RandomGOTI]

fixed in 1.3.1 UseRuleSpecificity=y no longers causes programs to ignore the block
the last part of my previous comment still there tho

[DavidXanatos]

please open a new issue for that and explain in more detail how to reproduce

[RandomGOTI]

please open a new issue for that and explain in more detail how to reproduce

There is no need for that , with all the tries to find why the SBIE2112 error happens i forgot how blocking devices and PromptForInternetAccess work together, the tor browser is installed inside the box , if i try to use like above an allow list for it it's blocked regardless ["Note: Programs installed to this sandbox won't be able to access the internet at all." or "When this feature is enabled, programs that are installed (or downloaded) into this sandbox will never be allowed to access the Internet, even if they match the program name specified above."] PFIA=y prompting me with the choice to allow or block which works on 1.3.1
This limitation is not present with WFP which the box was using before i switched to devices to test for SBIE2112

Update on SBIE2112 issue : #1955 (comment)