If they were, then tracking users via third-party cookies and other resources wouldn't be possible. Nor would it be possible for a web site in my browser to suddenly start taking up all of my CPU/RAM due to a programming error or malicious site such as a crypto-miner. For the relatively little isolation that does happen, sandbox-escape vulnerabilities seem to be getting discovered all the time.
Also, as a technical user, I want more control over what web sites can do with my computer than a non-technical user might.
The more holes you poke in a sandbox, the worse a sandbox it is.
Third-party cookies seem to be on the way out thankfully. I agree that there should be a permission necessary (or at least some much better heuristic) for allowing a webpage to use too much CPU/memory.
Are they, though?
If they were, then tracking users via third-party cookies and other resources wouldn't be possible. Nor would it be possible for a web site in my browser to suddenly start taking up all of my CPU/RAM due to a programming error or malicious site such as a crypto-miner. For the relatively little isolation that does happen, sandbox-escape vulnerabilities seem to be getting discovered all the time.
Also, as a technical user, I want more control over what web sites can do with my computer than a non-technical user might.
The more holes you poke in a sandbox, the worse a sandbox it is.