I find the granular nature of dependency sharing in NixOS to be really nice. In particular, I like systemd as my hypervisor. With systemd I can still isolate and lock down processes, but they can still, for example, share memory pages of `glibc`. It is certainly less "secure", and with Docker at least you're sharing the same kernel. It's also hard to share resources between Docker containers. Getting 4 Docker containers to use the same instance of Avahi, for example, requires explicit configuration.

Docker containers also don't have a "standard" for where to put binaries (outside of CMD/ENTRYPOINT), how to configure users/uids (many still run as root?), whether to put multiple services in one container or separate containers, where to put user data, etc. NixOS coordinates this centrally like any distro, assigning paths and UIDs and ports.