
Well-behaved programs rarely need user namespaces; you can still, in userspace, drop capabilities and otherwise sandbox yourself without user namespaces.

Poorly behaved programs, on the other hand... Ones that expect to use root for something, or expect to write into arbitrary folders, etc.: user namespaces are usually a lot more useful for constraining that.
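
As an added illustration of the first point (not part of the comment above), here is a Linux process shedding its own privileges with no user namespace involved: it sets `no_new_privs`, shrinks the capability bounding set where allowed, and empties its capability sets. The function names `drop_privileges` and `caps_are_empty` are hypothetical, chosen for this example.

```c
#define _GNU_SOURCE
#include <linux/capability.h>
#include <stdio.h>
#include <string.h>
#include <sys/prctl.h>
#include <sys/syscall.h>
#include <unistd.h>

/* 1 if the effective and permitted sets are both empty, 0 if not, -1 on error. */
int caps_are_empty(void) {
    struct __user_cap_header_struct hdr = { _LINUX_CAPABILITY_VERSION_3, 0 };
    struct __user_cap_data_struct d[2];
    if (syscall(SYS_capget, &hdr, d) != 0) return -1;
    return (d[0].effective | d[1].effective |
            d[0].permitted | d[1].permitted) == 0;
}

/* Self-sandbox without unshare(CLONE_NEWUSER). Returns 0 on success. */
int drop_privileges(void) {
    struct __user_cap_header_struct hdr = { _LINUX_CAPABILITY_VERSION_3, 0 };
    struct __user_cap_data_struct none[2];
    memset(none, 0, sizeof none);

    /* Step 1: execve() can no longer grant privileges through setuid
       bits or file capabilities. Inherited by all children. */
    if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) != 0) return -1;

    /* Step 2: shrink the bounding set while CAP_SETPCAP may still be
       held. An unprivileged caller gets EPERM here; that is ignored
       because step 1 already blocks regaining capabilities via exec. */
    for (int cap = 0; cap <= 63 && prctl(PR_CAPBSET_READ, cap, 0, 0, 0) >= 0; cap++)
        (void)prctl(PR_CAPBSET_DROP, cap, 0, 0, 0);

    /* Step 3: empty the effective, permitted and inheritable sets.
       Lowering one's own capabilities needs no privilege. */
    if (syscall(SYS_capset, &hdr, none) != 0) return -1;
    return 0;
}

int main(void) {
    if (drop_privileges() != 0) { perror("drop_privileges"); return 1; }
    printf("caps empty: %d, no_new_privs: %d\n",
           caps_are_empty(), prctl(PR_GET_NO_NEW_PRIVS, 0, 0, 0, 0));
    return 0;
}
```

If the process started as UID 0 it still owns root's files after this, so a real program would also change UID/GID before step 3, and could add a seccomp filter for the "otherwise sandbox yourself" part.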


