user namespaces are a super rad feature. They've protected us at $WORK from multiple vulnerabilities that have come out.
How do you use them? Are we talking about developer desktop PC's here? Or user namespaces as part of a containerization setup?
The main use of user namespaces seems to be running stuff that wants to be root as non-root. It would seem better to simply fix all those tools to not check if they are root, and instead just try to do the thing they were trying to do.
For developer desktops, there's firejail[1].