Problem:
The sandbox container runs as root by default. If untrusted code runs
in the sandbox and a container escape vulnerability exists, the attacker
gains root access to the host.
Solution:
Add a non-privileged user following principle of least privilege:
```dockerfile
RUN useradd -m -s /bin/bash -u 1000 sandbox
USER sandbox
WORKDIR /home/sandbox
```
Fixes#3277 (partial)
[AI-assisted: lightly tested, code understood]