ileges by switching to a different user.
@param handle the context handle
@param sandboxuser the user to switch to
@param sandbox_path if non-NULL, restrict writes to this filesystem path
@param restrict_syscalls whether to deny access to a list of dangerous syscalls
@return 0 on success, -1 on failure
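As an added example (not code from the library this comment documents, whose function name is not shown here), a C sketch of two pieces behind such an API that are easy to get wrong: the user switch, verified to be irreversible, and a lexical check that a requested write path stays inside sandbox_path. The names drop_privileges and path_within_sandbox are assumptions; syscall filtering (restrict_syscalls) is not shown.

```c
#define _GNU_SOURCE
#include <grp.h>
#include <pwd.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>

/* Lexical check that absolute `path` (may contain "." and "..") stays under
 * `sandbox` after normalisation. Returns 1 if inside, 0 otherwise. It never
 * touches the filesystem, so symlinks are not resolved: use realpath() on
 * existing files for that, and still open with O_NOFOLLOW to limit TOCTOU. */
int path_within_sandbox(const char *sandbox, const char *path)
{
    char norm[4096];
    size_t n = 0;
    if (path[0] != '/') return 0;                 /* relative paths rejected */
    for (const char *p = path; *p;) {
        while (*p == '/') p++;
        const char *start = p;
        while (*p && *p != '/') p++;
        size_t len = (size_t)(p - start);
        if (len == 0 || (len == 1 && start[0] == '.')) continue;
        if (len == 2 && start[0] == '.' && start[1] == '.') {
            while (n > 0 && norm[--n] != '/') ;   /* pop last component */
            continue;
        }
        if (n + len + 1 >= sizeof norm) return 0; /* too long: refuse */
        norm[n++] = '/';
        memcpy(norm + n, start, len);
        n += len;
    }
    norm[n] = '\0';
    size_t sl = strlen(sandbox);
    while (sl > 1 && sandbox[sl - 1] == '/') sl--; /* ignore trailing '/' */
    if (strncmp(norm, sandbox, sl) != 0) return 0;
    return sl == 1 || norm[sl] == '/' || norm[sl] == '\0'; /* no "/sbx" match */
}

/* Switch to `user` and confirm the switch cannot be undone. Returns 0 on
 * success, -1 on failure. Must run as root (or with CAP_SETUID/CAP_SETGID). */
int drop_privileges(const char *user)
{
    struct passwd *pw = getpwnam(user);
    if (pw == NULL || pw->pw_uid == 0) return -1; /* unknown user, or still root */
    /* Order matters: groups first, then gid, then uid; after the uid drop the
     * first two calls would no longer be permitted. */
    if (initgroups(pw->pw_name, pw->pw_gid) != 0) return -1;
    if (setgid(pw->pw_gid) != 0) return -1;
    if (setuid(pw->pw_uid) != 0) return -1;
    /* If root can be regained, the drop did not stick: treat as failure. */
    if (setuid(0) == 0 || getuid() != pw->pw_uid || geteuid() != pw->pw_uid) return -1;
    return 0;
}
```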