Restricted execution was at one time implemented in the Python [http://www.python.org/doc/1.5.2p2/lib/restricted.html rexec] module. This module wasn't secure, so it was removed. It would be nice to have it back, in some form.
Obviously this is a hard task, so a more intermediate task might be preferred. Note that Zope 2 includes a kind of restricted execution environment with a very different design; extraction of that would be one technique to achieve restricted execution.