Comment by bornfreddy

Very interesting, thank you for sharing!

Unfortunately it looks like sandbox mode [0] is not a goal, so it doesn't solve the main problem I have - running semi-trusted apps (e.g. Android Studio) and minimising their impact. Currently I just share X11 socket and run it in Docker.

[0] https://github.com/89luca89/distrobox/issues/28