A lot of sandboxing ability is there (LSMs, virtualization, namespaces, firejail, bubblewrap, xdg-desktop-portals...), but it's not so well integrated; many applications haven't been written with it in mind, and you'll basically have to set it up yourself. It's definitely the future, though!