Indeed, and that's the reason why a lot of current "sandboxing" efforts are rather misguided.
There is no reason to filter syscalls from some kind of bytecode with an interpreter run with full privileges if you can simply run all of that unprivileged and you already have all syscalls hardened and ACLed.
But for as long as there is the remotest possibility of a process being able to get around the MMU, there is no reason to do that either.