Is it possible to implement some kind of JVM sandbox for running application ? I'd like to restrict access of this application for example to files IO, network, etc.
Is any way to control these resources access for running app inside of JVM in this sandbox ?
On
In addition to the JVM's security manager you can also use OS-specific security mechanisms. The simplest is running the JVM under a separate user.
More advanced isolation techniques exist on various platforms. For example linux has seccomp-bpf, namespaces, selinux, capabilities and various other things. Firejail and systemd-nspawn make use of them.
That's what SecurityManager is for.
They even have a tutorial.