
Comment by godelski

8 days ago

Probably nspawn[0]. Think of it like chroot on steroids and not as heavy as Docker. You can run these containers in an ephemeral mode, so modifications are not permanent. Like typical systemd, you can also limit read/write access, networking, and anything else you want. This can even include things like limiting commands and all that. So you can make the program only able to run in its scope, only read, and only use a very limited command set.

Not the most secure thing, but you can move up to a VM, then you probably want a network-gapped second machine if you're seriously concerned but not enough to go offsite.

[0] https://wiki.archlinux.org/title/Systemd-nspawn
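As an added illustration of the kind of lockdown the comment above describes (this is example configuration written for this page, not something posted by the commenter or taken from the linked wiki), the following `.nspawn` unit file combines the pieces mentioned: an ephemeral root so changes are thrown away at exit, a read-only filesystem, no network, a restricted syscall set, and dropped capabilities. The machine name `sandbox`, the bind-mount path `/srv/sandbox-input`, and the choice of syscall groups and dropped capabilities are assumptions chosen for the example; adjust them to the program you actually want to confine.

```ini
# /etc/systemd/nspawn/sandbox.nspawn   (example; "sandbox" is a hypothetical machine name)
# Applies to the container image at /var/lib/machines/sandbox when started with
#   systemd-nspawn -M sandbox
# Files under /etc/systemd/nspawn/ are trusted, so the privileged options below are honored.

[Exec]
# Run on a throwaway snapshot/copy of the root; discarded when the container exits.
Ephemeral=yes
# Per-container UID/GID range instead of sharing the host's root user.
PrivateUsers=pick
# Allow only the listed syscall groups; everything else is denied by the seccomp filter.
# (@system-service is a broad but reasonable baseline; tighten it for a specific program.)
SystemCallFilter=@system-service
# Drop capabilities the program has no business holding even inside the container.
DropCapability=CAP_SYS_ADMIN CAP_NET_ADMIN CAP_SYS_MODULE CAP_SYS_RAWIO
# Don't leak the host's hostname/timezone/resolver into the sandbox.
Hostname=sandbox
ResolvConf=off

[Files]
# Whole container root is mounted read-only; combined with Ephemeral= nothing persists.
ReadOnly=yes
# Give it a single read-only view of the data it is supposed to process.
# (/srv/sandbox-input is an assumed host path for this example.)
BindReadOnly=/srv/sandbox-input:/input
# Writable scratch space that only lives in RAM for the duration of the run.
TemporaryFileSystem=/tmp

[Network]
# No network interfaces at all except loopback.
Private=yes
```

Start it with `systemd-nspawn -M sandbox /path/to/program` (or register it with `machinectl start sandbox` to run it as a service). Two caveats worth keeping in mind: because the root is both read-only and ephemeral, anything the program must produce has to leave through a writable bind mount you add deliberately, and the systemd-nspawn man page itself states that it is not suitable for fully secure container setups, since many of these protections are primarily meant to prevent accidental changes to the host rather than to contain a determined attacker. That is the same reason the comment above suggests stepping up to a VM or an isolated machine when the stakes are higher.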