Conclusion

Systrace offers fine-grained confinement for multiple applications with multiple policies.

Interactive and automatic policy generation.

Using Privilege Elevation, it is possible to elevate privilege for single system calls.
No more setuid/setgid.

Integrated into NetBSD and OpenBSD.
Available for GNU/Linux and Mac OS X.
Port for FreeBSD on its way.

Freely available under BSD-license:
http://www.citi.umich.edu/u/provos/systrace/