Sandboxing is a technique used in modern computing devices that enables applications to execute in an environment such that the application is only granted access to a particular portion of the file system of the device, in order to protect the security of application-specific data. Other applications cannot access that particular portion, but instead are restricted to their own portions of the file system. However, with multi-user devices, standard sandboxing alone will not prevent one user to access the data of another user if both users make use of the same application. Thus, there is a need for techniques that allow for optimal flexibility in data segregation for multi-user devices.