security_SandboxedServices should check all minijail namespace options
Issue description

Currently the security_SandboxedServices test validates that the pidns and mntns are enabled if they are specified in the "baseline" file. However, minijail has additional namespaces (that are used by services):

* cgroup
* IPC
* network
* UTS

Most of these look like they're already parsed by the "ps" command, so it should be easy to check: http://cs/chromeos_public/src/third_party/autotest/files/client/site_tests/security_SandboxedServices/security_SandboxedServices.py?l=25-30&rcl=1484a4a32bfe948400d509b5e5ae6fa0ff7b8df3

Not sure if this relates to: https://bugs.chromium.org/p/chromium/issues/detail?id=869170 (unsure if that's referring to the same thing or something else)
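A sketch of the check requested above, as an added example that is not part of the original issue or of the autotest code. The baseline dictionary, the service names and the sample `ps` output are constructed, and treating a namespace as entered when its inode differs from PID 1's is an assumption; the column names are the procps-ng `ps -o` namespace specifiers.

```python
# Namespace columns as named by procps-ng `ps -o`; each value is a namespace inode.
NS_COLUMNS = ("pidns", "mntns", "cgroupns", "ipcns", "netns", "utsns")

# Constructed sample of `ps -eo pid,comm,pidns,mntns,cgroupns,ipcns,netns,utsns`.
# Assumes command names contain no whitespace.
SAMPLE_PS = """\
  PID COMMAND       PIDNS      MNTNS   CGROUPNS      IPCNS      NETNS      UTSNS
    1 init     4026531836 4026531840 4026531835 4026531839 4026531992 4026531838
  412 svc_a    4026532201 4026532200 4026531835 4026532202 4026532205 4026531838
  518 svc_b    4026531836 4026532310 4026531835 4026531839 4026531992 4026531838
"""

# Hypothetical baseline: service name -> namespaces it is expected to unshare.
SAMPLE_BASELINE = {
    "svc_a": {"pidns", "mntns", "ipcns", "netns", "utsns"},
    "svc_b": {"mntns"},
}


def parse_ps(text):
    """Turn whitespace-separated ps output into dicts keyed by lowercased header."""
    lines = text.strip().splitlines()
    header = [name.lower() for name in lines[0].split()]
    return [dict(zip(header, line.split())) for line in lines[1:]]


def find_violations(ps_text, baseline, checked=NS_COLUMNS):
    """Return (service, namespace, reason) for each expected namespace not entered."""
    procs = parse_ps(ps_text)
    init = next(p for p in procs if p["pid"] == "1")
    violations = []
    for proc in procs:
        expected = baseline.get(proc["command"], set())
        for ns in sorted(expected & set(checked)):
            value = proc.get(ns, "-")
            if value == "-":  # "-" means ps could not read the namespace
                violations.append((proc["command"], ns, "unreadable"))
            elif value == init[ns]:  # same inode as PID 1: still in init's namespace
                violations.append((proc["command"], ns, "shared with init"))
    return violations


if __name__ == "__main__":
    print("pidns/mntns only:", find_violations(SAMPLE_PS, SAMPLE_BASELINE, ("pidns", "mntns")))
    print("all namespaces:  ", find_violations(SAMPLE_PS, SAMPLE_BASELINE))
```

With the constructed data, restricting the check to pidns and mntns reports nothing, while checking every column flags `svc_a` for sharing init's UTS namespace.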
Comment 1 by tomhughes@chromium.org, Today (9 hours ago)