This sounds a lot like what securelevel(7) already does.
Nope. Not at all similar in terms of capabilites. Securelevels are a pale imitation of what you can do with MAC, not even close.
If you really think securelevls are at all close to MAC, then you really don't understand MAC.
There is absolutely no reason to put up walls so the sysadmin can't do anything, rather than fix the bugs that let an attacker gain root in the first place.
It's not putting up walls, it's enforcing secure policy and good practice, and sometimes the law.
Sepeartion of duty, read up on it.
2. An example from a commenter on the blog is that he needed to prevent root from reading users files. OpenBSD is almost the only OS left that can't meet this requirement.
3. Auditing, along the lines of what OpenBSM provides. This isn't related to MAC, yet the team still doesn't implement it...
The archaic UNIX security model is exactly that, archaic. There are needs it cannot meet, and something like MAC is needed.
It does provide increased security by enforcing proper separation of duty and privilege correctly, not adding it in later as OpenBSD has done.
I love OpenBSD, but to dismiss MAC as a waste of time just serves to discredit yourself.
Living on Earth may be expensive, but it includes an annual free trip around the Sun.