smf: switch to a tri-state for process-security properties true=on,false=off,nil=default

@@ -56,17 +56,23 @@
                   The stack will be mapped without executable permission, and
                   attempts to execute it will fault.
 
        System default security-flags are configured via properties on the
        svc:/system/process-security service, which contains a boolean property
-       per-flag in the default, lower and upper, property groups.  For
-       example, to enable ASLR by default you would execute the following
-       commands:
+       per-flag in the default, lower and upper, property groups.  The value
+       indicates the setting of the flag, flags with no value take their
+       defaults.  For example, to enable ASLR by default you would execute the
+       following commands:
 
          # svccfg -s svc:/system/process-security setprop default/aslr = true
 
 
+       To restore the setting to the defaults you would execute:
+
+         # svccfg -s svc:/system/process-security delpropvalue default/aslr true
+
+
        This can be done by any user with the solaris.smf.value.process-
        security authorization.
 
        Since security-flags are strictly inherited, this will not take effect
        until the system or zone is next booted.