
See https://guix.gnu.org/manual/en/html_node/Invoking-guix-shell...

It's a sandboxing feature similar to e.g. Firejail.

One can launch applications in a separate container, and choose whether to give access to the network, filesystem, and other environment variables.

I find this very convenient, and I wish Nix provided a similar feature.




Thanks. So there are two concepts where isolation is mentioned, the --pure and the --container options. But still the documentation is very light on details and doesn't really answer what kind of (if any) security boundary or sandbox is provided by the container feature.

How might it compare to e.g. using nsjail [1], Firecracker [2], or Flatpak's sandbox [3]? These could also be good benchmarks for the documentation.

[1] https://github.com/google/nsjail

[2] https://github.com/firecracker-microvm/firecracker-container...

[3] https://docs.flatpak.org/en/latest/sandbox-permissions-refer...


Good point. My main distro is NixOS, so I am not too familiar with Guix. After a quick glance at the code, Guix seems to be similar to bwrap et al. as it uses kernel namespaces for sandboxing [1].

I think the pure option is not really for (security) sandboxing, but rather for making sure your programs do not use any dependencies that are not explicitly declared, i.e. to ensure referential transparency.

[1] https://github.com/lfam/guix/blob/master/gnu/build/linux-con...
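One way to check for yourself which namespaces a `guix shell --container` process actually gets, rather than reading the implementation: compare the namespace inodes of a process inside the container against your own shell. This is an added example, not code from the thread or from Guix; it assumes Linux with `/proc`, and the `guix shell`/`pgrep` invocation in the comment is an assumed usage, not a documented Guix interface.

```shell
#!/bin/sh
# Added example (not from the thread or from Guix). Compares the kernel
# namespace identity of two PIDs via /proc/<pid>/ns/* so you can see which
# namespaces a sandbox really separates from the host. Assumes Linux /proc.
#
# Assumed usage against a Guix container (run from the host shell):
#   guix shell --container coreutils -- sleep 300 &
#   compare_ns "$$" "$(pgrep -n sleep)"
# A "shared" line for net or mnt means that namespace is not isolated.

# Print one line per namespace type: "<ns> shared|separate|unknown".
# "unknown" covers a missing namespace type (older kernel) or a PID whose
# /proc/<pid>/ns links we are not allowed to read.
compare_ns() {
    a="$1"
    b="$2"
    for ns in cgroup ipc mnt net pid user uts; do
        ia=$(readlink "/proc/$a/ns/$ns" 2>/dev/null)
        ib=$(readlink "/proc/$b/ns/$ns" 2>/dev/null)
        if [ -z "$ia" ] || [ -z "$ib" ]; then
            printf '%s unknown\n' "$ns"
        elif [ "$ia" = "$ib" ]; then
            printf '%s shared\n' "$ns"
        else
            printf '%s separate\n' "$ns"
        fi
    done
}

# Number of namespace types that differ between the two PIDs; 0 means the
# two processes are in exactly the same namespaces (no boundary at all).
count_separate() {
    compare_ns "$1" "$2" | grep -c ' separate$' || true
}
```

Comparing a PID with itself is the sanity check: every line must read "shared" (or "unknown"), never "separate".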



