Is it possible to sandbox against untrusted code at thread Level ?
The common answer to sanboxing code seem to be implementing a SecurityManager and replacing the default SecurityManager. But this imposes the sandbox at the JVM Level . This is unsuitable for me.
Is there a way to do it for particular threads only ?
I doubt it. Since threads share a lot of resources (address space etc), it is hard to envisage a practical mechanism for doing what you're asking. Your best bet might be to run the untrusted code in a separate process.