Currently, when you define role or user permissions, you define them per Environment/Application and this works as expected for Monitoring. However, it does not seem to work at all for the Errors and Logs sections, where a user with limited permissions can actually see Errors and Logs for all Environments/Applications.
Ideally, the Errors and Logs sections should adhere to the same permission structure as Monitoring.