CA claims that one of their products - eTruct Access Control can restrict the Root previliges like
1 Restrict termination of specific processes in memory
2 Restrict deletion / viewing of certain files / processes
The procduc details are available from
WWW.CA.COM
Questions
1 Whether this is possible without changing the kernel
2 Whether this will have an impact on the performance of the system