[jbverschoor]

Imo, (almost) every directory should be treated as a new sandbox

[IshKebab]

Pretty much how Plan 9 works IIRC. I think Fuchsia might have a similar idea.

[jbverschoor]

I made shell-container for myself which works fine for me (link below). I just run shell and I’m in a new/stateful container with only that for mounted. Works pretty well, but has some quirks here and there

https://github.com/jrz/container-shell

[anthk]

Not directory but maybe processes with namespaces. rfork controls that, and then you have bind.