why do you think that the lack of a super user makes per-process namespaces
work?

The fact that you own the hardware you are running on means there's no need to provide enhanced privs (such as root) to protect things like mount(2). And if you do something stupid, the only damage you can do is to yourself. Just look at all the hoops FUSE must jump through to keep people from being able to bodge the entire system.
