You also have gVisor, which runs all syscall through some Go history that's supposedly safe enough for Google.

> Android

Exactly. Android pulls this off by being extremely constrained. It's dramatically less flexible than an OCI runtime. If you wanna run a random unenlightened workload on it you're probably gonna have a hard time.

> Micro Kernels would do just as well.

Yea this goes in the right direction. In the end a lot of kernel work I look at is basically about trying to retrofit benefits of microkernels onto Linux.

Saying "we should just use an actual microkernel" is a bit like "Russia and Ukraine should just make peace" IMO though.