Subject: per-process socket security settings
To: None <tech-net@netbsd.org>
From: Jun-ichiro itojun Hagino <itojun@iijlab.net>
List: tech-net
Date: 03/07/2001 01:48:00

I would like to add a per-process property that specifies
the default IPsec policy (or other security protocol policy)
for sockets. I would like to inherit it on fork to the child process,
so that we will be able to have a command called "secure" (for
example), which sets the process default IPsec policy and forks
a child:

	% telnet peer		# cleartext telnet
	% secure telnet peer	# telnet with IPsec required

Question is, is it reasonable to add some new structure to struct proc
(sys/sys/proc.h)? Or are there any better ways?
p_limit looks to be a good place to add, however, it looks hairy...

itojun