7029 want per-process exploit mitigation features (secflags)
7030 want basic address space layout randomization (aslr)
7031 noexec_user_stack should be a secflag
7032 want a means to forbid mappings around NULL.

*** 326,335 ****
--- 326,336 ----
          scf_instance_delete_prop;
          scf_get_boot_config;
          scf_get_boot_config_ovr;
          scf_is_fastboot_default;
          scf_fastreboot_default_set_transient;
+         scf_default_secflags;
          _check_services;
          _scf_handle_create_and_bind;
          _smf_refresh_all_instances;
      local:
          *;