I think this is a bad option for a default installation.
Maybe if there is a netbsd-secure add-on, it would go in there.

In some email I received from wojtek@3miasto.net, sie wrote:
> i would like to add option to disable readability of process info of other
> users completely for non-root (like in linux with secure-linux patch):
> 
> i have almost no experience in kernel programming so is it a good idea to 
> change:
> 
> 	/* only root or same user change look at the environment */
> 	if (type == KERN_PROC_ENV || type == KERN_PROC_NENV) {
>    		if (up->p_ucred->cr_uid != 0) {
> 			if (up->p_cred->p_ruid != p->p_cred->p_ruid ||
> 			    up->p_cred->p_ruid != p->p_cred->p_svuid)
> 				return (EPERM);
> 		}
> 
> to:
> 
> 	/* only root or same user change look at the environment
>            (user_ps_ax!=0) or anything (user_ps_ax==0) */
> 	if (!user_ps_ax || type == KERN_PROC_ENV || type == KERN_PROC_NENV) {
> 		if (up->p_ucred->cr_uid != 0) {
> 			if (up->p_cred->p_ruid != p->p_cred->p_ruid ||
> 			    up->p_cred->p_ruid != p->p_cred->p_svuid)
> 				return (EPERM);
> 		}
> 
> 
> and then lines for sysctl interface (kern.user_ps_ax ?) for user_ps_ax
> variable which defaults to 1 but could be changed to 0.
> 
> 
> 
> 
>