Hi,
Thought I'd just share this link (warning, it's lengthy and technical): [spec] Unprivileged user namespace restrictions via AppArmor in Ubuntu 23.10 - Security - Ubuntu Community Hub
To sum it up, there's a chance that in Ubuntu 23.10+ and distributions based on them, the Chromium Sandbox might need to be disabled (or at least the userns portion of it) in the same manner it currently is on Debian in the installation script. Because these changes haven't landed yet it's difficult to test in advance, but one to keep an eye on.
Cheers
James