It isn’t widely advertised, but macOS ships with a standalone sandboxing utility out of the box:
sandbox-exec. While the very short manpage says the utility has been marked deprecated, and for quite a few major releases now, it’s used heavily by internal systems so it’s unlikely go away anytime soon.
Read in full here:
This thread was posted by one of our members via one of our news source trackers.