It would be great if we got people to stop thinking “package manager” or “build system” when they think “Nix”.
Nix is a tool to force Unix processes to behave (mostly) like pure functions that operate on file system trees. The Nix language allows composing these functions, and also conveniently offers first class support for file system paths and string interpolation.
Today’s process isolation when running the builder executable of a derivation is a homegrown sandbox, because Nix pre-dates contemporary commonplace technologies by many years.
If I made Nix today from scratch, I’d build a pluggable interface for isolating the cached execve() and have containers or VMs by default, and would use a string templating language extension for Haskell instead of inventing a new language.
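To make the “pure functions over file system trees” framing concrete, here is an added example (not from the original post) of two derivations composed in the Nix language; it assumes a nixpkgs checkout on NIX_PATH and a hypothetical local directory ./hello-src containing hello.c.

```nix
# Added example, not code from the post. Assumes <nixpkgs> resolves and that
# ./hello-src is a hypothetical directory next to this file containing hello.c.
let
  pkgs = import <nixpkgs> { };

  # A path literal is copied into the store and content-hashed, so `src` is an
  # immutable tree value rather than a reference to a mutable location.
  src = ./hello-src;

  # Function 1: tree -> tree. The builder runs inside Nix's sandbox and can only
  # see inputs that are interpolated into its environment or script; $out is a
  # store path derived from the hash of every input, so editing hello.c yields
  # a different output path instead of silently overwriting the old one.
  hello = pkgs.stdenv.mkDerivation {
    name = "hello";
    inherit src;
    buildPhase = ''
      $CC -O2 -o hello hello.c
    '';
    installPhase = ''
      mkdir -p $out/bin
      cp hello $out/bin/
    '';
  };

  # Function 2: consumes the output tree of function 1. Interpolating `hello`
  # into the string both records the dependency and inserts its store path.
  wrapped = pkgs.writeShellScriptBin "hello-wrapped" ''
    exec ${hello}/bin/hello "$@"
  '';
in
wrapped
```

Build it with `nix-build example.nix`; rebuilding without changing any input reuses the cached store paths, which is the "cached execve()" behaviour the post refers to.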