The short answer is that yes, they do. And yes lowering the privileges of the user helps in avoiding container escapes, which basically makes the other advantages for containers valid. You can, however, achieve the same using (relatively obscure, imho) systemd settings, running with flatpak etc. Namespaces + Cgroups + Seccomp + Capabilities = better security. Containers make it easy to use all of the above.