As in, any unrestricted process with user privileges on Linux can up to root through vulnerabilities in the kernel or other components. Namespaces, LSMs, and seccomp limit that exposure.
> unrestricted process with user privileges on Linux can up to root through vulnerabilities in the kernel or other components
Getting pwnd via vulnerabilities is very different from giving root access. You're arguing with a strawman, I'd rather not engage.