Information about host machine architecture leaks into sandbox

On the Linux platform at least, processes within the sandbox have access to the host's CPU info (/proc/cpuinfo and on x86 the cpuid instruction).

If build systems in the sandbox use gcc -march=native or something similar, reproducibility will be compromised and the built artifacts might not work on CPUs with a different feature set.