The most successful sandbox must be chroot+setuid. Probably because it is portable, simple and easy to understand. Both the administrator and the programmer know directly what they can trust such a process with.
That's why I think something like seccomp would be usable. Anything outside of pure computation must be done outside it. No flexibility, nothing. Attack vectors are isolated to the monitor process.
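A worked sketch of the split described above, added here as an example (not code from the post or from any project): a monitor process forks a child, confines it to read/write/exit before any untrusted input reaches it, and keeps everything else (files, network, process control) on its own side of the pipe. Assumptions, all mine: Linux on x86-64 or AArch64 with glibc; the allow-list is the SECCOMP_MODE_STRICT set expressed as a BPF filter (plus exit_group) so it also installs inside a container that already has a filter; a 64-bit FNV-1a hash and the string "constructed sample input" stand in for whatever pure computation is being sandboxed; the function names are hypothetical.

```c
#define _GNU_SOURCE
#include <signal.h>
#include <stddef.h>
#include <stdint.h>
#include <sys/prctl.h>
#include <sys/resource.h>
#include <sys/syscall.h>
#include <sys/wait.h>
#include <unistd.h>
#include <linux/audit.h>
#include <linux/filter.h>
#include <linux/seccomp.h>

#if defined(__x86_64__)
#define SANDBOX_ARCH AUDIT_ARCH_X86_64
#elif defined(__aarch64__)
#define SANDBOX_ARCH AUDIT_ARCH_AARCH64
#else
#error "add the AUDIT_ARCH_* constant for this architecture"
#endif
#define MAX_INPUT 4096

/* The confinement: the SECCOMP_MODE_STRICT allow-list (read, write, exit, sigreturn)
 * plus exit_group so glibc's _exit() works. Written as a BPF filter so it also installs
 * where a filter already exists (e.g. in a container). Anything else: process killed. */
static int confine_to_pure_computation(void)
{
    struct sock_filter prog[] = {
        BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, arch)),
        BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, SANDBOX_ARCH, 1, 0),
        BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_KILL_PROCESS),   /* foreign ABI: kill */
        BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, nr)),
        BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, __NR_read, 4, 0),
        BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, __NR_write, 3, 0),
        BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, __NR_exit, 2, 0),
        BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, __NR_exit_group, 1, 0),
        BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, __NR_rt_sigreturn, 0, 1),
        BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ALLOW),
        BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_KILL_PROCESS),   /* everything else: kill */
    };
    struct sock_fprog fprog = { (unsigned short)(sizeof prog / sizeof prog[0]), prog };
    if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) != 0) return -1;
    return prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &fprog, 0, 0);
}

/* The pure computation (64-bit FNV-1a): arithmetic over a buffer, no syscalls at all. */
static uint64_t fnv1a64(const unsigned char *p, size_t n)
{
    uint64_t h = 0xcbf29ce484222325ULL;
    for (size_t i = 0; i < n; i++) { h ^= p[i]; h *= 0x100000001b3ULL; }
    return h;
}

/* Child: confine first, then only read input to EOF, compute, write the result, exit.
 * With `misbehave` set it attempts getpid(2) after confinement, to show the kill. */
static void sandboxed_child(int in_fd, int out_fd, int misbehave)
{
    unsigned char buf[MAX_INPUT]; size_t got = 0;
    struct rlimit no_core = { 0, 0 };
    setrlimit(RLIMIT_CORE, &no_core);                    /* a killed child leaves no core */
    if (confine_to_pure_computation() != 0) _exit(2);
    if (misbehave) syscall(SYS_getpid);                  /* not allow-listed: SIGSYS */
    for (;;) {
        ssize_t r = read(in_fd, buf + got, sizeof buf - got);
        if (r < 0) _exit(3);
        if (r == 0 || (got += (size_t)r) == sizeof buf) break;
    }
    uint64_t h = fnv1a64(buf, got);
    _exit(write(out_fd, &h, sizeof h) == (ssize_t)sizeof h ? 0 : 4);
}

/* Monitor: the only side that touches the OS. Returns 0 and sets *out on success, the
 * signal number if the child was killed (SIGSYS for a violation), -1 on other failure. */
static int run_in_sandbox(const unsigned char *data, size_t len, int misbehave, uint64_t *out)
{
    int to_child[2], from_child[2], status;
    if (len > MAX_INPUT || pipe(to_child) != 0) return -1;  /* <= PIPE_BUF: one atomic write */
    if (pipe(from_child) != 0) { close(to_child[0]); close(to_child[1]); return -1; }
    signal(SIGPIPE, SIG_IGN);            /* a child killed mid-transfer must not kill us */
    pid_t pid = fork();
    if (pid == 0) {
        close(to_child[1]); close(from_child[0]);
        sandboxed_child(to_child[0], from_child[1], misbehave);   /* never returns */
    }
    close(to_child[0]); close(from_child[1]);
    ssize_t w = (pid > 0 && len > 0) ? write(to_child[1], data, len) : 0;
    close(to_child[1]);                  /* EOF tells the child the input is complete */
    uint64_t h = 0;
    ssize_t r = (pid > 0) ? read(from_child[0], &h, sizeof h) : -1;
    close(from_child[0]);
    if (pid < 0 || waitpid(pid, &status, 0) != pid) return -1;
    if (WIFSIGNALED(status)) return WTERMSIG(status);
    if (w != (ssize_t)len || r != (ssize_t)sizeof h || !WIFEXITED(status) || WEXITSTATUS(status)) return -1;
    *out = h; return 0;
}

/* Entry points: the normal path, and a deliberate violation to observe the enforcement. */
static int sandboxed_hash(const unsigned char *d, size_t n, uint64_t *out) { return run_in_sandbox(d, n, 0, out); }
static int sandboxed_escape_attempt(void) { uint64_t u; return run_in_sandbox((const unsigned char *)"", 0, 1, &u); }
```

To drive it from a main() of your own, call sandboxed_hash() on some bytes and compare the result with fnv1a64() computed in the monitor; sandboxed_escape_attempt() returns the signal that ended the child, which is SIGSYS when the filter is enforcing. Note that the filter is installed before the first read, so by the time attacker-controlled input is parsed the child can already do nothing but compute and talk to the pipe; the monitor's only exposure is the eight bytes it reads back, which it treats as opaque data.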