The gist is that native sandboxing is a mess of undocumented APIs, very different approaches between operating systems, one-size-fits-all policies, kernels are full of bugs, the whole setup is a nightmare to debug and to top it off there are no useful cross-platform abstractions. Not even Chrome has one; beyond Mojo the sandbox is a pile of special cases and platform specific code all over the codebase.
