Aren't all the necessary pieces for something better essentially in place now that unprivileged namespaces are well-established?

They've for sure had more than their fair share of security issues, but those are bugs, not fundamental design problems as far as I understand?