That’s not how userspace sandboxing works. The assumption is that privilege flows from a trusted parent process to an untrusted child, so the trusted parent is the one responsible for setting the access controls.
Not really. It's more like wearing seatbelts: the car is not supposed to crash, but in case something unforeseen happens, please don't let the passengers exit through the windshield.