Sandbox2 is a C++ security sandbox for Linux which can be used to run untrusted programs or portions of programs in confined environments. The idea is that the runtime environment is so restricted that security bugs such as buffer overflows in the protected region cause no harm.
Detailed developer documentation is available on the Google Developers site for Sandboxed API under Sandbox2.
There is also a Getting Started guide for Sandbox2.