Replace nsjail with minijail

[andredias]

Nsjail documentation is very scarce. It is hard to find anything even on Google. For example, I couldn't find an example about how to declare a parameter for a mounting point with a limit size. (--mount /tmp/sandbox_234:/sandbox:??:??,size=200m).

On the other hand, minijail is an official Google project and it seems to have better documentation. It is yet to see how hard would be to replace nsjail.

[andredias]

Article about sandboxing based on minijail:

• Sandboxing Chrome OS system services

Other article about sandboxing:

• Sandboxing and Workload Isolation