Using Docker to contain AI coding agents creates dangerous security loopholes by granting root access. A new approach leverages Linux's Landlock to enforce strict filesystem boundaries without compromising host systems—here's how it works and why developers should care.