They have nearly the same information a normal user could get by running atop themselves, which reads the world-readable virtual files found in /proc. If you are using something like selinux to restrict access to /proc files, the same system could be used to restrict access to the /var/log files.