That the process is being memory limited shouldn't make it impossible for another process to read its cmdline. The cmdline data of the process should already be in memory.
EDIT: I suspect that this problem is a consequence of a silly design that argv in the process holds the cmdline. Since apparently you can change the process name by changing argv, see:
EDIT: I suspect that this problem is a consequence of a silly design that argv in the process holds the cmdline. Since apparently you can change the process name by changing argv, see:
http://www.uofr.net/~greg/processname.html
This seems to allow any process to mess with what the kernel sees as the cmdline. I hope there's not a "more" serious security issue hiding.
This is more of a suspicion than fact, I'm planning to look into the kernel code to get more info on that.