0

Let's say that I'm building a web application that I will host on my server.

Should I sandbox it in order to protect my server?

Note

I just learned that there might be more to sandboxing your web application than restricting the permissions of the user running it when I read those 2 posts:

Gudradain
  • 6,921
  • 2
  • 26
  • 43

1 Answer

2

It is an established method for improving security to give applications only the privileges they are expected to need. This way the impact of a potential security issue is limited. Sandboxing using pledge, seccomp or similar technologies is one way to limit the privileges an application might abuse, but it is not the only way. Typical other technologies are different users for different tasks, SELinux, containers, virtual machines, etc.

These technologies differ in the overhead, the protection they offer, how hard they are to use, etc. Whether any of these technologies are used, and which one(s), therefore depends on the actual requirements, i.e. typically a balance between the required security, the needed performance and the amount of money available to implement and run it.

For the usual web application, sandboxing the whole application using seccomp or pledge is in my opinion not that easy. A better and easier separation is probably offered in this case with containers or virtual machines. Also, running known-to-be-problematic steps like image processing in a restricted setup (process with a different user, sandbox, container, VM...) separated from the rest of the application will increase the security.

Thus in summary: yes, you should probably restrict your web application on the server side to limit the impact of a potential security problem. But whether you use process-based sandboxing using pledge or seccomp, or different technologies, or a combination of multiple technologies, depends on the actual requirements (security, performance) and limits (money and time available for development and maintenance).

Steffen Ullrich
  • 184,332
  • 29
  • 363
  • 424