Look into cgroups, capabilities. http://manpages.ubuntu.com/manpages/precise/man1/cgcreate.1.html http://libcg.sourceforge.net/ http://manpages.ubuntu.com/manpages/precise/man3/cap_set_proc.3.html
