Secure Firefox using native sandbox, Flatpak (Flathub/Fedora) | Discussion / Clarification

Direct access to user namespaces isn’t available inside the flatpak sandbox because that would enable sandbox bypass, but flatpak does provide a portal API to create a more restrictive sub-sandbox. Chromium-based flatpaks use that via zypak (Chromium itself uses a patch from the same author).

The Firefox flatpak doesn’t use that API because it would cause excessive memory usage without some architectural changes. This isn’t as bad as it sounds because Firefox apparently doesn’t rely on namespacing for its sandbox; it’s rather defense in depth.

To my knowledge, SELinux is not used for confining flatpak apps. Flatpak does ship a policy module, but it’s only for flatpak-system-helper. In general, Fedora’s SELinux policy mostly confines system services.

The Firefox flatpak currently has the devices=all permission. More portals are needed to cover the remaining use cases before that can be disabled by default. However, I don’t think any core functionality would break if you choose to override it.

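One way to act on the last point of the post above, as an added example that is not part of the original post or of the Firefox flatpak itself: revoke the `devices=all` permission with a user override and check the effective permission set. The app id `org.mozilla.firefox`, the sample metadata and the override text are assumed here (the samples are constructed to match the keyfile layout `flatpak info --show-permissions` and `flatpak override --user --show` print); `flatpak override --user --nodevice=all` is the real command that records the revocation as `devices=!all;`.

```shell
#!/bin/sh
# Added example, not code from the original post or from the Firefox flatpak.
# Assumes the app id org.mozilla.firefox and flatpak's keyfile-style
# permission output ([Context] section, semicolon-separated values).

# Return 0 if the merged permission set still grants devices=all.
#   $1: the app's own permissions (output of `flatpak info --show-permissions APP`)
#   $2: the user override (output of `flatpak override --user --show APP`), may be ""
# Override entries are applied on top of the app's entries; a leading "!" revokes
# an entry, which is how `flatpak override --nodevice=all` is recorded.
devices_all_granted() {
  printf '%s\n%s\n' "$1" "$2" | awk -F= '
    /^\[/ { in_ctx = ($0 == "[Context]"); next }
    in_ctx && $1 == "devices" {
      n = split($2, v, ";")
      for (i = 1; i <= n; i++) {
        if (v[i] == "all") granted = 1
        else if (v[i] == "!all") granted = 0
      }
    }
    END { exit granted ? 0 : 1 }
  '
}

# Constructed sample of the app's default permissions (devices=all among them).
FIREFOX_METADATA='[Context]
shared=network;ipc;
sockets=x11;wayland;pulseaudio;pcsc;cups;
devices=all;
filesystems=xdg-download;
'

# Constructed sample of what the override file contains after running
#   flatpak override --user --nodevice=all org.mozilla.firefox
NODEVICE_OVERRIDE='[Context]
devices=!all;
'

# Live check against the installed flatpak; returns 2 if flatpak is not present.
check_live() {
  command -v flatpak >/dev/null 2>&1 || return 2
  meta=$(flatpak info --show-permissions org.mozilla.firefox) || return 2
  ovr=$(flatpak override --user --show org.mozilla.firefox 2>/dev/null)
  devices_all_granted "$meta" "$ovr"
}

# Apply the revocation; only does something when flatpak is installed.
# Undo with: flatpak override --user --reset org.mozilla.firefox
apply_nodevice_override() {
  command -v flatpak >/dev/null 2>&1 || return 2
  flatpak override --user --nodevice=all org.mozilla.firefox
}

main() {
  if devices_all_granted "$FIREFOX_METADATA" ""; then
    echo "sample default: devices=all is granted"
  fi
  if ! devices_all_granted "$FIREFOX_METADATA" "$NODEVICE_OVERRIDE"; then
    echo "sample with --nodevice=all: devices=all is revoked"
  fi
  check_live; rc=$?
  case $rc in
    0) echo "installed firefox: devices=all still granted" ;;
    1) echo "installed firefox: devices=all revoked" ;;
    *) echo "flatpak or org.mozilla.firefox not available, skipped live check" ;;
  esac
}

main
```

Run `apply_nodevice_override` and then `check_live` to confirm the override took effect; if a device-dependent feature turns out to break, `flatpak override --user --reset org.mozilla.firefox` restores the defaults, or a narrower grant such as `--device=dri` can be added back instead of `all`.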