[chasil]

Linux does have this feature. It is the chroot() system call.

Linux can also allow limited access to select filesystem data within a chroot() - this is done with a "bind mount."

Why these two security features were not designed around all Android apps from the beginning is beyond me.

[TeMPOraL]

Didn't chroot() become secure / usable only late in the era of smartphones, way past creation of Android? Containers are a pretty new development, after all.

[hedora]

Neither linux containers nor linux chroot provide meaningful security. They’re useful for other things, but the kernel itself isn’t particularly well hardened against local privilege escalation attacks.

OpenBSD is one of the best on that front, but it is a defense-in-depth mechanism, not something designed to run known-malicious code.