Namespaces basically are a sort of kernel enforced isolation. A processes enters a namespace and to that process it might be root on its own machine. Behind the scenes the kernel is kinda translating everything it does so into its own little sandboxed area instead of the root system. But inside that namespaces it legitimately thinks it is the root user and can exercise most of the functional that is only exposed to privileged users. (f course the kernel limits what it can do to only being inside it’s own little space so that alone isn’t an issue.

When it comes to hardening, the namespaces are not inherently insecure. The difference is in the “attack surface” an unprivileged user has access to through them.

A simple example of this is mounting a filesystem. Now the user won’t be able to like remount a privileged filesystem or something it’ll be isolated. But let’s say there is a vulnerability in the exact filesystem code in the kernel, your server doesn’t mount any exfat drives and you disallow automounting of anything for hardening. So even if the issue exists an attacker couldn’t exploit it because the exfat code isn’t reachable as normal user. With a user namespaces though a user becomes root of their own little area so they can actually ask the kernel to mount something inside their namespace. So now with a namespace an attacker can get access to exploit their theoretical exfat filesystem vulnerability.

tl;dr the problem with having namespaces on is it allows unprivileged users access to a lot more “potentially” vulnerable code that could be exploitable.