It would be interesting to run a benchmark. My impression is that ptrace interceptions would add a significant overhead, but I could be wrong. Still, it looks like a great project.
Alternatively, they could use unshare and aufs to overlay another filesystem on top of a read-only root.
This is addressed in the paper. Performance overhead is in the ballpark of 10-20%. They are able to improve on the performance of a purely ptrace-based sandbox by using seccomp to ensure that only the syscalls that need to be intercepted are sent to ptrace.
The benefit mbox has over unshare+aufs is that mbox doesn't require root privileges.
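The seccomp-then-ptrace split described in the reply above, as an added C example that is not part of the thread and is not mbox's code: a classic-BPF filter that sends only selected syscalls to the tracer, plus a small evaluator so the routing can be checked without installing it. The names `build_trace_filter`, `run_filter` and `route`, the three-syscall list and the x86-64 architecture value are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#include <linux/audit.h>
#include <linux/filter.h>
#include <linux/seccomp.h>
#include <sys/syscall.h>

/* Syscalls in traced[] return SECCOMP_RET_TRACE (the kernel stops the task and
 * notifies a tracer that set PTRACE_O_TRACESECCOMP); everything else returns
 * SECCOMP_RET_ALLOW and never reaches the tracer. Returns the instruction
 * count, or 0 if the program does not fit. */
size_t build_trace_filter(unsigned int arch, const int *traced, size_t n,
                          struct sock_filter *out, size_t cap)
{
    size_t i = 0;
    if (n > 255 || cap < n + 6) return 0;          /* jt is an 8-bit jump offset */
    out[i++] = (struct sock_filter)BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, arch));
    out[i++] = (struct sock_filter)BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, arch, 1, 0);
    out[i++] = (struct sock_filter)BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_KILL);   /* foreign ABI */
    out[i++] = (struct sock_filter)BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, nr));
    for (size_t k = 0; k < n; k++)                 /* on match, jump over ALLOW to TRACE */
        out[i++] = (struct sock_filter)BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K,
                                                (unsigned int)traced[k], (unsigned char)(n - k), 0);
    out[i++] = (struct sock_filter)BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ALLOW);
    out[i++] = (struct sock_filter)BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_TRACE);
    return i;
}

/* Evaluates only the BPF subset emitted above (load word, jump-if-equal, return). */
unsigned int run_filter(const struct sock_filter *f, size_t len, const struct seccomp_data *d)
{
    unsigned int acc = 0;
    for (size_t pc = 0; pc < len; pc++) {
        if (f[pc].code == (BPF_LD | BPF_W | BPF_ABS)) memcpy(&acc, (const char *)d + f[pc].k, sizeof acc);
        else if (f[pc].code == (BPF_JMP | BPF_JEQ | BPF_K)) pc += (acc == f[pc].k) ? f[pc].jt : f[pc].jf;
        else return f[pc].k;                       /* BPF_RET | BPF_K */
    }
    return SECCOMP_RET_KILL;
}

/* Constructed sample policy: an assumption, not mbox's actual syscall list. */
unsigned int route(unsigned int arch, int nr)
{
    static const int traced[] = { SYS_openat, SYS_unlinkat, SYS_mkdirat };
    struct sock_filter prog[16];
    struct seccomp_data d = { .nr = nr, .arch = arch };
    return run_filter(prog, build_trace_filter(AUDIT_ARCH_X86_64, traced, 3, prog, 16), &d);
}

int main(void) { printf("openat=%#x read=%#x\n", route(AUDIT_ARCH_X86_64, SYS_openat), route(AUDIT_ARCH_X86_64, SYS_read)); return 0; }
```

An unprivileged process can install such a program with `prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0)` followed by `prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &prog)`. On x86-64, a filter used for enforcement also has to reject x32 syscall numbers (bit 0x40000000 set), which this sketch leaves out.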