Everyone else has said things about bargepoles and security holes, so I won't re-iterate - but may I say "chroot"? It's not absolutely designed for security, but it beats the alternative.

If we're going to assume you really have to do this (why? the curiosity is killing me!) the only way I know to limit resources absolutely is on a per-user basis on most OSes. This varies from OS to OS so ask your friendly local sysadmin.

Aside from that, you can always nice() a process so your controlling process will be able to kill it. Remember that if they're evil, they've installed sig handlers so you'll have to kill -9 them (this is unix speak, I don't know the equivalent on Windows).

Good luck, and please tell us why you're doing it.