Comment 13 for bug 787868

Limiting the access can be done by inspecting the proc entry for /proc/$PID/exe and only if you own the process is it possible for you to dereference the symlink.

Here's some code the shows why parsing /proc/$PID/cmdline isn't a good idea: https://github.com/ioerror/chameleon

If we assume that a user is running the program that is a Zeitgest client, we can check that exe points to something that is owned by root. That should improve things significantly.