Is it possible to restrict /usr/bin/top
on Linux with AppArmor so it will display only the processes of the current user? In addition to that, /bin/ls /proc
must not show any of the PIDs belonging to other users.
The only way to do this is to install a kernel patch. I recommend grSecurity. That will only show the user's processes in a ps and should also limit it via top. If it doesn't, the best thing to do in that case is
So only root can run it. Most shell users would never even need top
Short answer
No, that is not something you can easily do with AppArmor. It is not hard to modify top and ls to do this, but bypassing these changes is trivial (roll your own ls and top). Modifying access to the /proc file system is likely to break many applications.
Long answer
Linux does not have this functionality built in as far as I know. You would have to modify the kernel to ensure that no system call can leak information about processes running for other users, but that's a large project. And the question remains... Why? If a user has shell access on your server the user can do lots of nasty things. If you want to restrict a user so he cannot interact with the rest of the server you should put him into a container of some sort. Virtual machines are excellent for this.
This answer accomplishes the end OP had in mind, but not by the means they had in mind. The Linux kernel (since 3.3) supports hiding processes from other users. To do this you will need to mount /proc with the hidepid option; to do this automatically at boot you will need to add a line like this to your /etc/fstab:
fileproc /proc proc defaults,nosuid,nodev,noexec,relatime,hidepid=2 0 0
Run man proc for more info and to understand the hidepid numbers.
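An added audit helper, not part of the answer above: a small POSIX shell function that parses an fstab-style file and reports which hidepid mode the /proc entry carries (or "none" when /proc is listed without it, or "absent" when there is no /proc entry at all). It assumes the fstab(5) six-field layout and the hidepid values documented in proc(5); the sample entries it reads are constructed for the example and not taken from any real system.

```shell
#!/bin/sh
# hidepid_mode FILE
#   Print the value of the hidepid= option on the /proc line of FILE.
#   Prints "none" if /proc is present without hidepid, "absent" if there is
#   no /proc entry. Works on /etc/fstab (what will be mounted at boot) and on
#   /proc/self/mounts (what is mounted right now), since both use the same
#   fs / mountpoint / type / options / dump / pass layout.
hidepid_mode() {
    awk '
        # skip comment lines; match only proc filesystems mounted on /proc
        $1 !~ /^#/ && $2 == "/proc" && $3 == "proc" {
            n = split($4, opts, ",")
            mode = "none"
            for (i = 1; i <= n; i++)
                if (opts[i] ~ /^hidepid=/) {
                    sub(/^hidepid=/, "", opts[i])
                    mode = opts[i]
                }
            print mode
            found = 1
        }
        END { if (!found) print "absent" }
    ' "$1"
}

# Constructed sample fstab (hypothetical entries, not from a real host)
SAMPLE=$(mktemp)
cat >"$SAMPLE" <<'EOF'
# <fs>     <mountpoint> <type> <options>                                        <dump> <pass>
fileproc   /proc        proc   defaults,nosuid,nodev,noexec,relatime,hidepid=2  0      0
/dev/sda1  /            ext4   errors=remount-ro                                0      1
EOF

hidepid_mode "$SAMPLE"     # prints: 2
rm -f "$SAMPLE"

# On a live system, compare the booted configuration with the running one:
#   hidepid_mode /etc/fstab; hidepid_mode /proc/self/mounts
```

Running the helper against /etc/fstab and /proc/self/mounts side by side catches the common drift case where the fstab line was edited but /proc was never remounted, so the hiding is not actually in effect. Kernels from 5.8 onward also accept the named forms of the option (hidepid=invisible is the same as hidepid=2), so a value of "invisible" from /proc/self/mounts is the same protection as "2".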