I've just come across Genode which looks like it may offer a reasonably quick route to capability based security for all of us. They are looking to self-host development ("eat our own dog food" as the term goes) by the end of 2012.
It builds on the work of L4 and all the other microkernels, providing a way to run on 8 different microkernels in total.
I'll do what I can to help push this along. I'm sorry it took so long to find... Google isn't the great way to search, but it's the best so far.