Sandboxie
Sandboxie (support for which is being merged) currently has some issues, and does not appear to be designed with this sort of purpose in mind (it is really meant for sandboxing GUI applications). That being said, it is working reasonably well, even if not all the tests currently pass and there are some inconsistencies.
The three core issues are:
- Sandboxie does not provide any way of receiving stdout or stderr from the sandboxed process.
- Sandboxie does not provide a way of making the filesystem read-only or unreadable by default (with overrides for specific files). Instead, everything is readable and writable by default, but writes are redirected to a "sandbox" filesystem that overlays the real one. At first glance this appears to be as good as read-only, except that each process cannot be isolated in its own sandbox (short of creating numbered sandboxes and keeping track of which number is in use, which would also raise disk-space concerns). So if the executable writes to a file in the sandbox, other programs running in that sandbox will see the modified file. This may also apply to programs running afterwards: while Sandboxie is configured to automatically delete such files, it may not delete them before another executable starts running in the sandbox.
- Although there are plans to make Sandboxie "open-source" (which hopefully, though not necessarily, means a permissive license), its current license is very restrictive, preventing me from repackaging Sandboxie in such a manner that it can be installed on the (headless) AppVeyor CI environment.
Hopefully the future plans for Sandboxie will make it possible to resolve these three issues.