jurip 2 days ago

I don't think the parent was asking for server-side macOS containerization, but desktop. It'd be nice to put something like Cursor in a sandbox where it really couldn't rm -rf your home directory. I'd love to do the same thing with every app that comes with an installer.

hadlock 2 days ago

I've had really poor experience doing anything with container-deployed consumer apps in Linux. As soon as you even look at going out of the happy path, things immediately start going sideways.

duped 2 days ago

Flatpak and Snap are both containerization-adjacent technologies for consumer apps; Docker containers are not really intended for that use case.

duped 2 days ago

You already can with `sandbox_exec`. And the entire entitlements design is there to force apps to have granular permissions.