Is "unprivileged_userns_clone" enabled in Fedora?

Just read the “ungoogled Chromium” documentation and it mentioned to enable this kernel argument to enable the Namespace Sandbox.

I dont care about that Browser at all, but its Sandbox sounds nice. I would 100% invest more time into securing Firefox (in fact I do a bit) but I can imagine enabling this by default would improve usability.

Would there be any drawbacks from enabling this karg?

As far as I know that is Debian specific, quoting Controlling access to user namespaces []

… on Debian systems, the knob is called unprivileged_userns_clone

Don’t know about drawbacks but the quoted article seems like a good read.

interesting, this thread is pretty old.

On secureblue, a hardened Fork of Fedora Atomic based on Ublue Startingpoint, user namespaces are disabled and Chromium as well as Brave work. But unsure if the Sandbox needs user namespaces