A relative of the finding at the tail end of
http://oss.sgi.com/pipermail/pcp/2014-November/006062.html ,
the following variant happens with 3.10.1 released code on
kernel 3.17.4-301.fc21.x86_64:
% sudo service pmcd restart
% cat /proc/1/maps
cat: /proc/1/maps: Permission denied
% pmval -s 1 -i 1 proc.memory.maps
[...]
"7f714c000000-7f714c029000 rw-p 00000000 00:00 0
7f714c029000-7f7150000000 ---p 00000000 00:00 0
7f7154000000-7f7154029000 rw-p 00000000 00:00 0
7f7154029000-7f7158000000 ---p 00000000 00:00 0
7f715b49c000-7f715b49d000 ---p 00000000 00:00 0
[...]
7f715ea33000-7f715ea34000 rw-p 00000000 00:00 0
7f715ea34000-7f715eb6b000 r-xp 00000000 fd:01 196126 /usr/lib/systemd/systemd
7f715eb6b000-7f715eb88000 r--p 00136000 fd:01 196126 /usr/lib/systemd/systemd
7f715eb88000-7f715eb89000 rw-p 00153000 fd:01 196126 /usr/lib/systemd/systemd
[...]
An strace of the pmdaproc binary indicates
setresgid(-1, 100, -1) = 0
setresuid(-1, 500, -1) = 0
openat(AT_FDCWD, "/proc", O_RDONLY|O_NONBLOCK|O_DIRECTORY|O_CLOEXEC) = 5
getdents(5, /* 326 entries */, 32768) = 8880
getdents(5, /* 0 entries */, 32768) = 0
close(5) = 0
open("/proc/1/maps", O_RDONLY) = 5
read(5, "7f714c000000-7f714c029000 rw-p 0"..., 1024) = 1024
[...]
setresuid(-1, 0, -1) = 0
setresgid(-1, 0, -1) = 0
So in this specific case, it appears to be a kernel check that permits
/proc/1/maps to be opened, even with a procpmda effective-[ug]id set.
The pmda's temporary-setuid machinery may need to set real*, not just
effective*[ug]ids to be portable to this generation of kernels.
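
An added example, not part of the original report and not PCP's own code: one way to write the temporary switch suggested in the last paragraph, setting real as well as effective ids while leaving the saved ids alone so the process can switch back. The function names are hypothetical; 500 and 100 are the ids seen in the strace.

```c
#ifndef _GNU_SOURCE
#define _GNU_SOURCE            /* setresuid/getresuid are GNU extensions */
#endif
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>
/* Repeated so the block builds even if feature macros were fixed earlier. */
int setresuid(uid_t, uid_t, uid_t);
int setresgid(gid_t, gid_t, gid_t);
int getresuid(uid_t *, uid_t *, uid_t *);

/* The state in the strace: effective id switched, real id unchanged. */
int drop_is_partial(uid_t ruid, uid_t euid, uid_t target)
{
    return euid == target && ruid != target;
}

/* Temporary switch of real AND effective ids. Saved ids stay (-1) so
 * restore_ids() can switch back. Group first, while still privileged. */
int drop_ids(uid_t uid, gid_t gid)
{
    uid_t r, e, s;
    if (setresgid(gid, gid, (gid_t)-1) != 0) return -1;
    if (setresuid(uid, uid, (uid_t)-1) != 0) return -1;
    if (getresuid(&r, &e, &s) != 0) return -1;
    return (r == uid && e == uid) ? 0 : -1;   /* verify, do not assume */
}

/* Switch back using the saved ids: uid first, then gid. */
int restore_ids(uid_t uid, gid_t gid)
{
    if (setresuid(uid, uid, (uid_t)-1) != 0) return -1;
    return setresgid(gid, gid, (gid_t)-1);
}

int main(void)
{
    /* 500/100 need a root start; otherwise the process's own ids are
     * used (assumption for this demo) so the calls still succeed. */
    uid_t old_u = getuid(), uid = old_u == 0 ? 500 : old_u;
    gid_t old_g = getgid(), gid = old_u == 0 ? 100 : old_g;

    printf("strace state partial: %d\n", drop_is_partial(0, 500, 500));
    if (drop_ids(uid, gid) != 0) { perror("drop_ids"); return 1; }
    printf("dropped:  ruid=%d euid=%d\n", (int)getuid(), (int)geteuid());
    if (restore_ids(old_u, old_g) != 0) { perror("restore_ids"); return 1; }
    printf("restored: ruid=%d euid=%d\n", (int)getuid(), (int)geteuid());
    return 0;
}
```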