You can make your program setns(2) (to some, but not all namespaces), chroot and then drop capabilities.
You can also attain something similar with dived (not actually chrooted, but having access to the container's chroot).
You can run a [statically linked] dived inside a container (with the appropriate options, for example, --client-chroot --root-to-current), listening on a UNIX socket on some part of the filesystem that is visible both in the container and on the host; and run dive to ask that dived to start your non-statically-linked program in the container's namespace. The root filesystem will stay the same as your host's (so your program can find its libraries), and the container's root filesystem will be set as the current directory.
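The first approach from this answer (setns(2) into the container's namespaces, chroot, then drop capabilities before exec) as an added worked example; it is not code from the original answer and not dived's code. It assumes Linux with /proc mounted, a caller that is root in the initial user namespace, and takes the container's init PID plus the container root directory as it appears inside that mount namespace (for a pivot_root'ed container such as Docker that is just "/"); the program name `nsjoin` and the helper names are my own.

```c
#define _GNU_SOURCE
#include <fcntl.h>
#include <sched.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/prctl.h>
#include <sys/syscall.h>
#include <sys/wait.h>
#include <unistd.h>
#include <linux/capability.h>

/* Added example (not the original poster's program, not dived): join a
 * container's namespaces with setns(2), chroot(2) into its root, drop every
 * capability, then exec a command.  Assumes Linux, /proc mounted, and that
 * we run as root in the initial user namespace.
 * Usage: ./nsjoin <container-pid> <root-dir-as-seen-in-its-mount-ns> CMD [ARGS]
 * For a pivot_root'ed (e.g. Docker) container the root dir is just "/". */

/* Namespaces joined, in this order: pid first, mnt last.  The mnt join
 * replaces our view of /proc, so all ns fds are opened before any setns().
 * "user" is deliberately absent ("some, but not all"): joining it remaps
 * our uid and can take away the capabilities the later steps need. */
static const char *const NS_ORDER[] = { "pid", "ipc", "uts", "net", "mnt" };
#define NS_COUNT (sizeof NS_ORDER / sizeof NS_ORDER[0])

/* /proc/PID/ns/<name> entry -> CLONE_* flag for setns(); 0 if unsupported. */
int ns_flag(const char *name)
{
    if (strcmp(name, "mnt") == 0) return CLONE_NEWNS;
    if (strcmp(name, "net") == 0) return CLONE_NEWNET;
    if (strcmp(name, "pid") == 0) return CLONE_NEWPID;
    if (strcmp(name, "ipc") == 0) return CLONE_NEWIPC;
    if (strcmp(name, "uts") == 0) return CLONE_NEWUTS;
    return 0;                      /* "user", "cgroup", "time", typos */
}

/* Build "/proc/<pid>/ns/<name>"; returns its length, or -1 on bad input. */
int ns_path(char *buf, size_t size, pid_t pid, const char *name)
{
    if (ns_flag(name) == 0) return -1;
    int n = snprintf(buf, size, "/proc/%ld/ns/%s", (long)pid, name);
    return (n < 0 || (size_t)n >= size) ? -1 : n;
}

/* Open every ns fd first, then join.  Joining a pid namespace only affects
 * children, which is why main() forks before exec. */
static int join_namespaces(pid_t target)
{
    int fds[NS_COUNT];
    char path[64];
    for (size_t i = 0; i < NS_COUNT; i++) {
        if (ns_path(path, sizeof path, target, NS_ORDER[i]) < 0) return -1;
        if ((fds[i] = open(path, O_RDONLY | O_CLOEXEC)) < 0) { perror(path); return -1; }
    }
    for (size_t i = 0; i < NS_COUNT; i++) {
        if (setns(fds[i], ns_flag(NS_ORDER[i])) < 0) { perror(NS_ORDER[i]); return -1; }
        close(fds[i]);
    }
    return 0;
}

/* Drop everything: bounding set first (needs CAP_SETPCAP, so it must happen
 * while we still hold it; an empty bounding set is also what stops uid 0
 * from regaining full capabilities on the next execve), then the
 * effective/permitted/inheritable sets, then no_new_privs so setuid and
 * file capabilities cannot hand them back. */
static int drop_all_caps(void)
{
    for (int cap = 0; prctl(PR_CAPBSET_READ, cap, 0, 0, 0) >= 0; cap++)
        if (prctl(PR_CAPBSET_DROP, cap, 0, 0, 0) < 0) return -1;
    struct __user_cap_header_struct hdr = { _LINUX_CAPABILITY_VERSION_3, 0 };
    struct __user_cap_data_struct data[2];
    memset(data, 0, sizeof data);
    if (syscall(SYS_capset, &hdr, data) < 0) return -1;
    return prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0);
}

int main(int argc, char **argv)
{
    if (argc < 4) { fprintf(stderr, "usage: %s PID ROOT CMD [ARGS...]\n", argv[0]); return 2; }
    if (join_namespaces((pid_t)atol(argv[1])) < 0) return 1;
    /* Paths now resolve inside the container's mount namespace.  chdir before
     * chroot and again after it, so the cwd never points outside the jail. */
    if (chdir(argv[2]) < 0 || chroot(".") < 0 || chdir("/") < 0) { perror("chroot"); return 1; }
    pid_t child = fork();
    if (child < 0) { perror("fork"); return 1; }
    if (child == 0) {              /* child: inside the target pid namespace */
        if (drop_all_caps() < 0) { perror("drop caps"); _exit(1); }
        execvp(argv[3], argv + 3); /* resolved against the container's root */
        perror(argv[3]);
        _exit(127);
    }
    int status;
    if (waitpid(child, &status, 0) < 0) { perror("waitpid"); return 1; }
    return WIFEXITED(status) ? WEXITSTATUS(status) : 128 + WTERMSIG(status);
}
```

Two things to keep in mind when using this pattern: because the exec happens after the chroot, the command and its shared libraries are looked up in the container's root, which is exactly the limitation the dived approach above works around by keeping the host root and only changing the current directory; and the capability drop deliberately empties the bounding set before clearing the other sets, since a process that is still uid 0 with a non-empty bounding set gets its capabilities back on the next execve.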