Commit

list fix 2
offhub committed Oct 3, 2024
1 parent beadf93 commit ac6c795
Showing 2 changed files with 14 additions and 11 deletions.
9 changes: 6 additions & 3 deletions docs/PlusContent/WFPSupport.md
Expand Up @@ -54,11 +54,14 @@ The following **rules precedence** scheme determines rule hierarchy:

1. A rule for a specified program trumps a rule for all programs except a given one, trumps rules for all programs.
2. A rule with a Port number or IP address trumps a rule without:
- 2a. A rule with an IP address and Port number trumps a rule with an IP address only or Port number only.
- 2b. A rule with one IP address trumps a rule with an IP address range that is besides that on the same level.

- 2a. A rule with an IP address and Port number trumps a rule with an IP address only or Port number only.
- 2b. A rule with one IP address trumps a rule with an IP address range that is besides that on the same level.

3. Block rules trump Allow rules.
4. A rule without a Protocol means all protocols.
- 4a. A rule with a Protocol trumps a rule without, if it is the only difference.

- 4a. A rule with a Protocol trumps a rule without, if it is the only difference.

**Some examples:**
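
Review bot: the precedence list, as shown in these lines, does not say whether items 1 to 4 are applied in the order listed, so a reader cannot tell from item 3 ("Block rules trump Allow rules") whether a Block rule still wins against a more specific Allow rule under items 1 and 2; one sentence on how the items combine would settle it. While the list is being reformatted, 2b's "an IP address range that is besides that on the same level" is hard to parse and worth rewording, and the hand-typed "2a.", "2b." and "4a." labels inside "-" bullets will drift if an item is inserted later, so a nested ordered list may be the better fix.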

16 changes: 8 additions & 8 deletions docs/PlusContent/privacy-mode.md
Expand Up @@ -16,19 +16,19 @@ Internally, a privacy enhanced box is based on three defaults:

1. **Allow read access to system resources:**

- `C:\Windows`
- `C:\Program Files`
- `C:\Program Files (x86)`
- `C:\ProgramData\Microsoft` (since **Sandboxie Plus v1.12.7**)
- Registry resources under HKLM (but not HKCU) are readable and can be sandboxed.
- **Note:** The read access provides a good balance between privacy and convenience. One could, of course, drill down to identify selected system resources that may leak private data and further restrict them (using `Write[File/Key]Path`) if desired.
- `C:\Windows`
- `C:\Program Files`
- `C:\Program Files (x86)`
- `C:\ProgramData\Microsoft` (since **Sandboxie Plus v1.12.7**)
- Registry resources under HKLM (but not HKCU) are readable and can be sandboxed.
- **Note:** The read access provides a good balance between privacy and convenience. One could, of course, drill down to identify selected system resources that may leak private data and further restrict them (using `Write[File/Key]Path`) if desired.

2. **Hide (and block access to) user space:**

- In user space, a privacy box works in **default block** mode: all drive paths are set to WriteFilePath. This hides all files and folders outside the sandbox, but allows new files and folders to be created in the sandbox (unless specifically allowed by an overriding rule). Access to selected paths is enabled by invoking [Rule Specificity](../PlusContent/RuleSpecificity.md).
- In user space, a privacy box works in **default block** mode: all drive paths are set to WriteFilePath. This hides all files and folders outside the sandbox, but allows new files and folders to be created in the sandbox (unless specifically allowed by an overriding rule). Access to selected paths is enabled by invoking [Rule Specificity](../PlusContent/RuleSpecificity.md).

3. **Enable [Rule Specificity:](../PlusContent/RuleSpecificity.md)**

- Internally, rule specificity is **always enabled** in privacy mode. It uses the **[Normal](../Content/NormalFilePath.md)** path directive (`Normal[File/Ipc/Key]Path`) to open selected locations to be **readable and sandboxed**. Note that setting a path to normal is meaningful only when a parent path was first set to something else, as done in privacy mode. It is thus relevant not only for **blue** boxes (based on privacy mode) but also for **red** boxes (with both privacy mode **and** [security mode](../PlusContent/security-mode.md) enabled).
- Internally, rule specificity is **always enabled** in privacy mode. It uses the **[Normal](../Content/NormalFilePath.md)** path directive (`Normal[File/Ipc/Key]Path`) to open selected locations to be **readable and sandboxed**. Note that setting a path to normal is meaningful only when a parent path was first set to something else, as done in privacy mode. It is thus relevant not only for **blue** boxes (based on privacy mode) but also for **red** boxes (with both privacy mode **and** [security mode](../PlusContent/security-mode.md) enabled).

**Recent Changes:** Upon the introduction of privacy mode, a few built-in access rules were offered for some of the more common browsers and applications and these were augmented in later versions. Starting with **Sandboxie Plus v1.8.0**, all built-in access rules have been moved to a set of default templates (included in the file **Templates.ini** under the `[TemplatePModPaths]` section) for easier management.
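
Review bot: in item 2 the parenthetical "(unless specifically allowed by an overriding rule)" is attached to the clause about creating new files and folders in the sandbox, where it reads as "allowed unless allowed"; it appears to qualify "This hides all files and folders outside the sandbox", so consider moving it next to that sentence. In the same bullet, WriteFilePath is plain text while item 1 formats `Write[File/Key]Path` as code, and the heading of item 3 keeps the colon inside the link text ("[Rule Specificity:]"); both are small consistency fixes that fit this formatting pass.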
