From what I understand, firejail is a "syscall filter". This moves it to the same category as capsicum (https://www.freebsd.org/cgi/man.cgi?capsicum), but without Capsicum's security model, instead implementing something ad-hoc, probably by using Linux' seccmp.

Jails, on the other hand, are not a sandboxing mechanism - they are system-level virtualization, like Linux namespaces, but with a simpler interface. You can use it for sandboxing, but it's not what the mechanism fundamentally is.

Firejail does more than just syscall filtering.

Please tell more.

Check this out: https://firejail.wordpress.com/features-3/

Looks like a GUI wrapper around jails, with some seccmp hacks to work around deficiencies in namespaces.