alt Hacker NewsRight, but nobody actually uses curl as the end destination, right? You use it to download something so that you can run another tool on it.
And as such, you need to already be sandboxing the tool (since it processes untrusted data you received over the internet).
How would sandboxing curl help with vulnerabilities in your pdf reader?