7029 want per-process exploit mitigation features (secflags)
7030 want basic address space layout randomization (aslr)
7031 noexec_user_stack should be a secflag
7032 want a means to forbid mappings around NULL.

@@ -2607,10 +2607,12 @@
     </token>
     <token id="fmri">
     </token>
     <token id="groups">
     </token>
+    <token id="secflags">
+    </token>
     <!--
         the iport token take a single argument of type uint16_t
         if there are any other tokens following it that have arguments
         the last of the iport tokens in the event description must
         be followed by a dummy iport token that is optional.