Hi Dan,
I added sandboxing and message-mode pipes to http://wiki.winehq.org/SummerOfCode
(Yes, it's literally a pipe dream :-)
I think it's too much for the scope of a SoC project, personally. I think it should be possible with help from the kernel. For example, Steve French expressed willingness to expose the ability to create named pipes from a user-space program. He just wanted to know the appropriate interface, i.e. where in the filesystem they should live, how they should be created, and so on. The work is perhaps less coding oriented, and more about coordination and design. Coordination implies being gated on others' schedules, and that means it'd be at pretty high risk of not getting completed, no matter how motivated a student might be. --Juan