I feel obliged to point out that this blog post is roughly 5 years and 1 month old. People change, opinions evolve. In just a few years, vast technological landscapes can shift. And don't get me started on config files. Please consider this text in the context of its time.
I got one question via Twitter: “What if there were a convenient way to run typical Unix commands in a sandbox? E.g. grep, awk, sed, etc. Could they work as part of a pipe like this?” by @DrScriptt
Well, yes, sandboxed commands can be used that way. Let me demonstrate it.
jmoekamp@solaris:~$ sandbox -n ls -l /etc | sandbox -n grep dumpadm
-rw-r--r-- 1 root other 279 Feb. 24 14:14 dumpadm.conf
