grsecurity forums

Sorry if it was asked before, but will be nice if we would have nested define {} blocks?
An example:

Code: Select all

define foonx {
/           h
/usr        r
}

define foo {
$foonx
/usr/bin    rx
/usr/lib    rx
}

define bar {
$grsec_denied
$foo
/bin        rx
/etc        r
/dev        r
/dev/null   rw
/tmp        rwcd
}


Or, if not, please explain why?
Thanks.