Sample Policy: mac_seeotheruids

mac_seeotheruids encapsulates the policy “Don't let users see what other users are doing”
- Implement new access control checks for inter-process operations (visibility, debugging, signalling, ...)
- Check logic: (ruid1==ruid2) ? 0 : ESRCH
  - Actually a bit more complicated: administrator exemptions, etc

mac_seeotheruids encapsulates the policy “Don't let users see what other users are doing”