
I guess you're assuming that the platform/runtime that's doing the isolation is close to being correct, which we both know isn't quite true ;) The only benefit I see is that you're adding an additional level of abstraction (namely, you're executing a vetted selection of native code rather than arbitrary native code), which makes reaching the point where you can actually break things harder. Was this the point you were trying to make?



The idea is to reduce the ability of the untrusted code to go wrong and compromise the host.

Going wrong can mean anything from “exploited by malware” through to “extension code trawls the host process address space to provide ‘features’”.

The latter of these two used to happen all the time with “haxies” on OS X.

The run-on security benefit of providing a semi-virtualised environment for third-party/untrusted code is that if the VM is exploited you are able to fix and ship a fix for the VM. You can’t fix the untrusted code.



