7029 want per-process exploit mitigation features (secflags)
7030 want basic address space layout randomization (aslr)
7031 noexec_user_stack should be a secflag
7032 want a means to forbid mappings around NULL.

@@ -212,10 +212,11 @@
 extern int      exec_env_token();
 extern int      attribute32_token();
 extern int      useofauth_token();
 extern int      user_token();
 extern int      zonename_token();
+extern int      secflags_token();
 
 /*
  * X windows tokens
  */