by wwright 1987 days ago
Running with uid 1000 in the Docker group in prod is a very bad idea to begin with

On your single-user dev laptop it’s very likely that you are user 1000 and probably put yourself in the docker group so you wouldn’t have to sudo to run docker ps.

So then running your containers as that UID without user namespacing (docker’s default) opens you up to more attack surface than if it was uid 1001.
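An added example, not part of the thread: a small audit check for the overlap described above, where a container's numeric UID matches a host account that is in the docker group while user namespace remapping is off. The passwd/group contents, account names and function names are constructed for illustration, and the check assumes a remapped subordinate UID range does not overlap real host accounts.

```python
# Constructed sample of a dev laptop's /etc/passwd and /etc/group (not real data).
PASSWD = """\
root:x:0:0:root:/root:/bin/bash
dev:x:1000:1000:Dev User:/home/dev:/bin/bash
svc:x:1001:1001:Service:/home/svc:/usr/sbin/nologin
"""
GROUP = """\
root:x:0:
docker:x:998:dev
dev:x:1000:
svc:x:1001:
"""


def docker_group_uids(passwd_text, group_text, group_name="docker"):
    """Return {uid: username} for host accounts that belong to group_name."""
    gid, members = None, set()
    for line in group_text.splitlines():
        fields = line.strip().split(":")
        if len(fields) >= 4 and fields[0] == group_name:
            gid = fields[2]
            members = {m for m in fields[3].split(",") if m}
    if gid is None:
        return {}
    result = {}
    for line in passwd_text.splitlines():
        fields = line.strip().split(":")
        if len(fields) < 4:
            continue
        name, uid, primary_gid = fields[0], fields[2], fields[3]
        # Membership is either supplementary (listed in group) or primary (gid match).
        if name in members or primary_gid == gid:
            result[int(uid)] = name
    return result


def colliding_host_user(container_uid, userns_remap,
                        passwd_text=PASSWD, group_text=GROUP):
    """Return the docker-group host account that the container UID aliases, or None."""
    if userns_remap:
        # Assumption: with remapping on, container UIDs land in a subordinate
        # range that does not overlap real host accounts.
        return None
    return docker_group_uids(passwd_text, group_text).get(container_uid)
```

On a real host, the same functions can be fed the contents of /etc/passwd and /etc/group, with `userns_remap` set according to the daemon's configuration.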