macOS has sandbox based on TrustedBSD MAC framework. However official documentation is non existent and implementation looks like unfinished product, but I've tried it and it worked. Recommend you to read "Apple's Sandbox Guide" pdf. https://reverse.put.as/wp-content/uploads/2011/09/Apple-Sand...
That looks like it might easily involve lots of fiddling, tweaking and dealing with obscure issues while XFence just works, which is worth a lot to me these days.