If you mean an unbreakable solution, then I would say that there is no such thing as 100% security. For every measure you apply, there are an infinite no. of ways to get around it just waiting for a creative hacker to find. Each time you find one you'll implement a new measure for which there will also be an antidote.
For example, suppose you replace /usr/bin/perl with a wrapper that disables the function in the perl command options. So your hacker needs only to find out where you put the original program and shebang that instead. So then you are at stage 2 of the battle and have to make the original program no-execute and make your wrapper call setruid before running the original interpreter with your enforced options. Hacker counters by making a copy of your wrapper and editing it with the right I/O options to preserve its sticky bit on close. So at stage 3 you rewrite in C to counter again. Hacker is still not prevented - he writes his own wrapper to patch yours in memory - and so on ad infinitum. It's called 'core wars' by some of those who do it for fun.