Hi all,
I came across this lovely lightning talk about sandboxing using, among other things, Capsicum on FreeBSD:
It was posted on the Erlang forums as well:
In the lightning talk, Krasen talks about NIF:s and C nodes for interoperability and combining that with sandboxing techniques. I’m using ports for processing Word documents – i.e. unzipping and XML parsing – and figure that should be possible to sandbox in a similar manner.
If anyone would be interested in sharing any experience or resources doing this I would be most grateful 
