That'll still allow access to env vars, and allow interaction with other processes owned by the same user.
At the very least, you really need to add process isolation / namespacing as well - at which point it's going to be easier to just use the sandboxing / containerisation tool of your choice to manage it all for you.
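A small added demonstration of the two leftovers the comment names (this is not the commenter's code, just an illustration assuming Linux/POSIX and the Python standard library): the environment block of the parent is inherited by every child unless it is explicitly scrubbed, and any process running under the same uid passes the kernel's permission check for sending it signals, which is the same check that gates ptrace. The secret name `DEMO_SECRET_TOKEN`, the value `hunter2` and the sleeping sibling process are constructed for the demo; the "drop to another user" step is simulated by spawning children as the current user so it runs without root.

```python
"""Why dropping to another user is not isolation (illustrative example).

Two things survive a plain setuid():
  1. the environment is inherited by every child unless scrubbed;
  2. any other process running as the same uid can signal / ptrace the new one.
"""
import os
import subprocess
import sys
from typing import Optional

# Constructed secret planted in the "privileged" parent's environment.
SECRET_NAME = "DEMO_SECRET_TOKEN"

# Child program that simply reports what it can see of that variable.
CHILD_READS_ENV = (
    "import os, sys; sys.stdout.write(os.environ.get(%r, '<unset>'))" % SECRET_NAME
)


def child_sees_secret(env: Optional[dict]) -> str:
    """Spawn a child with the given environment (None = inherit everything)
    and return the value of SECRET_NAME as the child observes it."""
    out = subprocess.run(
        [sys.executable, "-c", CHILD_READS_ENV],
        env=env, capture_output=True, text=True, check=True,
    )
    return out.stdout


def scrubbed_env(allow=("PATH", "LANG", "TZ")) -> dict:
    """Allow-list the environment instead of inheriting it wholesale.
    Anything not on the list (tokens, credentials, LD_PRELOAD, ...) is gone."""
    return {k: os.environ[k] for k in allow if k in os.environ}


def same_uid_can_signal(pid: int) -> bool:
    """kill(pid, 0) runs the kernel's permission check without delivering a
    signal; success means SIGKILL/SIGSTOP (and, absent Yama, ptrace) would
    also be permitted against that process."""
    try:
        os.kill(pid, 0)
        return True
    except PermissionError:
        return False


def demo() -> dict:
    """Run both checks and return the observations."""
    os.environ[SECRET_NAME] = "hunter2"
    inherited = child_sees_secret(None)          # leaks
    scrubbed = child_sees_secret(scrubbed_env())  # does not
    # A sibling owned by the same uid stands in for "another process of that user".
    sibling = subprocess.Popen([sys.executable, "-c", "import time; time.sleep(30)"])
    try:
        reachable = same_uid_can_signal(sibling.pid)
    finally:
        sibling.kill()
        sibling.wait()
    return {"inherited": inherited, "scrubbed": scrubbed, "sibling_reachable": reachable}


if __name__ == "__main__":
    print(demo())
```

Scrubbing the environment fixes the first leak, but nothing in user space fixes the second: the sibling stays reachable as long as both processes share a uid and a PID namespace, which is exactly why the comment points at namespaces or a container rather than a bare user switch.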