I know i am a Cassandra at that point and that i mess a bit with the whole fun thing.
But Docker is not a sandbox. Is it better than the BEAM isolation ? Yes probably. But if you need a secure sandbox with Docker, the advise right now and for the year to come probably is to have one VM per Docker container. If you want a more secure sandbox/container, have a look at FreeBSD Jails or SmartOS Zones. You can run a Docker container on SmartOS Zones.
