From pressy's brainbackup
How to limit display of processes
Normally a solaris user sees all processes, not only his own. You can use "process privileges" to permit that.
# ppriv -l -v proc_info proc_info Allows a process to examine the status of processes other than those it can send signals to. Processes which cannot be examined cannot be seen in /proc and appear not to exist. # vi /etc/security/policy.conf PRIV_DEFAULT=basic,!proc_info -> uncomment and edit $ id -a uid=101(foo) gid=1(other) groups=1(other) $ ppriv $$ 1915: -sh flags = E: basic,!proc_info I: basic,!proc_info P: basic,!proc_info L: all $ ls -l /proc total 4 dr-x--x--x 5 foo other 832 Sep 24 22:52 1915 dr-x--x--x 5 foo other 832 Sep 24 22:56 1932
That's for every user except root. To enable it for single users, like monitoring, do:
# vi /etc/user_attr monitor::::lock_after_retries=no;defaultpriv=basic