Capsicum is a lightweight OS capability and sandbox framework developed at the University of Cambridge Computer Laboratory. site 
This research supported by grants from Google, the the FreeBSD Foundation, and DARPA. Capsicum extends the POSIX API, providing several new OS primitives to support object-capability security on UNIX-like operating systems.
YOUTUBE raNx9L4VH2k Uploaded on Aug 18, 2010
.
The world may finally be ready for the security offered by capabilities. Intel invested in this starting with the 432 in the '70s: "The architecture would support multiprocessors, modular expansion, fault tolerance, advanced operating systems, advanced programming languages, very large applications, ultra reliability, and ultra security. wikipedia