7029 want per-process exploit mitigation features (secflags)
7030 want basic address space layout randomization (aslr)
7031 noexec_user_stack should be a secflag
7032 want a means to forbid mappings around NULL.

*** 30,39 ****
--- 30,40 ----
  #include <stdlib.h>
  #include <unistd.h>
  #include <fcntl.h>
  #include <string.h>
  #include <limits.h>
+ #include <sys/secflags.h>
  
  #include "Pcontrol.h"
  
  /*
   * These several routines simply get the indicated /proc structures
*** 66,75 ****
--- 67,97 ----
                  (void) close(fd);
          }
          return (rv);
  }
  
+ int
+ proc_get_secflags(pid_t pid, prsecflags_t **psf)
+ {
+         char fname[PATH_MAX];
+         int fd;
+         int rv = -1;
+ 
+         if ((*psf = calloc(1, sizeof (prsecflags_t))) == NULL)
+                 return (-1);
+ 
+         (void) snprintf(fname, sizeof (fname), "%s/%d/secflags",
+             procfs_path, (int)pid);
+         if ((fd = open(fname, O_RDONLY)) >= 0) {
+                 if (read(fd, *psf, sizeof (prsecflags_t)) ==
+                     sizeof (prsecflags_t))
+                         rv = 0;
+                 (void) close(fd);
+         }
+         return (rv);
+ }
+ 
  void
  proc_free_priv(prpriv_t *prv)
  {
          free(prv);
  }