uts: Allow for address space randomisation.
Randomise the base addresses of shared objects, non-fixed mappings, the
stack and the heap.  Introduce a service, svc:/system/process-security,
and a tool psecflags(1) to control and observe it

*** 1726,1735 ****
--- 1726,1748 ----
  secpolicy_pset(const cred_t *cr)
  {
          return (PRIV_POLICY(cr, PRIV_SYS_RES_CONFIG, B_FALSE, EPERM, NULL));
  }
  
+ /* Process security flags */
+ int
+ secpolicy_psecflags(const cred_t *cr, proc_t *tp, proc_t *sp)
+ {
+         if (PRIV_POLICY(cr, PRIV_PROC_SECFLAGS, B_FALSE, EPERM, NULL) != 0)
+                 return (EPERM);
+ 
+         if (!prochasprocperm(tp, sp, cr))
+                 return (EPERM);
+ 
+         return (0);
+ }
+ 
  /*
   * Processor set binding.
   */
  int
  secpolicy_pbind(const cred_t *cr)