Namespaces and Mandatory Access Control are great sandboxing features within Linux, would be nice to consider supporting them e.g:
Namespaces: Firejail
MAC: Apparmor
(Apparmor comes by default enabled within Debian 10+, Firejail is installable from stable repos)
Namespaces and Mandatory Access Control are great sandboxing features within Linux, would be nice to consider supporting them e.g:
Namespaces: Firejail
MAC: Apparmor
(Apparmor comes by default enabled within Debian 10+, Firejail is installable from stable repos)