There's something seriously wrong somewhere in this chain:
Chrome wants to sandbox its renderer processes so they can't write to the file system. To do this, it uses a tool, chrome_sandbox, that requires elevated privileges. (Used to be setuid root, now uses namespaces.)
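A small diagnostic that reports which of the two sandbox mechanisms mentioned above a Linux host can offer Chrome. This is an added example, not code from the original post or from Chromium; the /proc sysctl paths and the default helper location are assumptions about a typical Linux install.

```shell
#!/bin/sh
# Added diagnostic (not part of the original post): report whether Chrome
# can use unprivileged user namespaces, or must fall back to a setuid
# chrome-sandbox helper. Paths are assumptions about a typical Linux host.

# Print "yes" if unprivileged user namespaces appear to be allowed.
# Debian/Ubuntu kernels expose an extra toggle; other kernels only have
# the max_user_namespaces limit, where 0 means namespaces are disabled.
userns_available() {
    if [ -r /proc/sys/kernel/unprivileged_userns_clone ] &&
       [ "$(cat /proc/sys/kernel/unprivileged_userns_clone)" = "0" ]; then
        echo no; return 1
    fi
    if [ -r /proc/sys/user/max_user_namespaces ] &&
       [ "$(cat /proc/sys/user/max_user_namespaces)" = "0" ]; then
        echo no; return 1
    fi
    echo yes; return 0
}

# Print "yes" if the helper at $1 carries the setuid bit (the legacy
# mechanism), "no" if it exists without it, "missing" if absent.
# The setuid bit only has effect if the file is also owned by root.
sandbox_setuid() {
    [ -e "$1" ] || { echo missing; return 2; }
    if [ -u "$1" ]; then echo yes; return 0; fi
    echo no; return 1
}

# Assumed default helper path for Google Chrome builds; override via env.
SANDBOX_HELPER="${SANDBOX_HELPER:-/opt/google/chrome/chrome-sandbox}"

echo "unprivileged user namespaces: $(userns_available)"
echo "setuid helper at $SANDBOX_HELPER: $(sandbox_setuid "$SANDBOX_HELPER")"
```

If both report "no", Chrome has no sandbox mechanism available and will refuse to start without an explicit no-sandbox override, which is the situation to investigate before blaming the sandbox for unrelated hangs.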
(For the record: this is all correct, but was a mirage in front of my real problem. My actual problem was that Chrome was hanging while trying to use the GPU, because the GPU isn't virtualized. All the sandbox problems were caused when I tried to see what was happening.)