Rgs Hey there!
It is important to note that user profiles are not what provides sandboxing. The apps are sandboxed, not the user profiles.
What user profiles provide is a way to have separate profile and app data.
For example, you can have different contacts and photos/videos/files/whatever in profile 1 and profile 2.
Likewise, you could have the same app installed in 2 separate profiles (for the sake of the example, let's say that app is Signal) and the app's data will be completely separate. You could be signed in with one number on Signal in profile 1, and with another number in profile 2.
That's the kind of meaningful separation that user profiles provide.
Last but definitely not least, user profiles separate app communication. An app in profile 1 cannot see or communicate with an app in profile 2.
I hope that explanation makes the distinction between sandboxing (which in this context applies to apps) and user profiles clear.
And since you mentioned virtual machines, I'll throw this in here, which may be something used in GrapheneOS in the future:
https://twitter.com/GrapheneOS/status/1585424713387483143