From my brief findings, it seems Layer 1 Sandbox should stay the way it is, Namespace. Only when namespaces aren't available is Yama LSM Enforcing/Ptrace Protection with Yama LSM (Non-broker) available as an alternative mode, see here1 and here2.
Basically, only Ptrace Protection with Yama LSM (Broker) should be enabled as an additional security feature. Anyone can enable this feature by copying the `yama.conf` file from `/usr/lib/sysctl.d/` to `/etc/sysctl.d/`. Then, change the `kernel.yama.ptrace_scope` value inside the file from `0` to `1` (the default value on Ubuntu).
EDIT: my current `brave://sandbox` on openSUSE with Ptrace Protection enabled:
| Feature | Value |
|---|---|
| Layer 1 Sandbox | Namespace |
| PID namespaces | Yes |
| Network namespaces | Yes |
| Seccomp-BPF sandbox | Yes |
| Seccomp-BPF sandbox supports TSYNC | Yes |
| Ptrace Protection with Yama LSM (Broker) | Yes |
| Ptrace Protection with Yama LSM (Non-broker) | No |
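The `yama.conf` edit described in the post, as an added POSIX sh example (not the poster's own commands): it rewrites or appends the `kernel.yama.ptrace_scope` line in a sysctl drop-in you name, reads the value back, and reports what the running kernel currently enforces. The template path `/usr/lib/sysctl.d/yama.conf` and the destination `/etc/sysctl.d/yama.conf` are taken from the post; everything else is an assumption.

```shell
#!/bin/sh
# Added example, not from the original post. Works on any file path so it can
# be tried on a scratch copy before touching /etc/sysctl.d/ as root.

# set_ptrace_scope FILE VALUE: make FILE contain exactly one
# "kernel.yama.ptrace_scope = VALUE" line (rewrite it if present, else append).
set_ptrace_scope() {
    file="$1"; value="$2"
    # Yama accepts 0 (classic), 1 (restricted), 2 (admin-only), 3 (no attach).
    case "$value" in 0|1|2|3) ;; *) echo "ptrace_scope must be 0-3" >&2; return 1 ;; esac
    tmp="$file.tmp.$$"
    if grep -q '^[[:space:]]*kernel\.yama\.ptrace_scope' "$file" 2>/dev/null; then
        sed "s/^[[:space:]]*kernel\.yama\.ptrace_scope.*/kernel.yama.ptrace_scope = $value/" "$file" > "$tmp"
    else
        { if [ -f "$file" ]; then cat "$file"; fi
          echo "kernel.yama.ptrace_scope = $value"; } > "$tmp"
    fi
    mv "$tmp" "$file"
}

# get_ptrace_scope FILE: print the configured value (last match wins, as sysctl
# itself applies later lines over earlier ones), or "unset" if none is present.
get_ptrace_scope() {
    v=$(sed -n 's/^[[:space:]]*kernel\.yama\.ptrace_scope[[:space:]]*=[[:space:]]*\([0-9]\).*/\1/p' "$1" 2>/dev/null | tail -n 1)
    [ -n "$v" ] && echo "$v" || echo unset
}

# running_ptrace_scope: the value the kernel enforces right now, or "no-yama"
# when the Yama LSM is not active (brave://sandbox then shows the Non-broker row).
running_ptrace_scope() {
    [ -r /proc/sys/kernel/yama/ptrace_scope ] && cat /proc/sys/kernel/yama/ptrace_scope || echo no-yama
}

# Usage matching the post (run as root, paths from the post):
#   cp /usr/lib/sysctl.d/yama.conf /etc/sysctl.d/yama.conf
#   set_ptrace_scope /etc/sysctl.d/yama.conf 1 && sysctl --system
#   running_ptrace_scope   # should now print 1
```

Setting `1` only restricts ptrace to descendants of the tracer (plus `CAP_SYS_PTRACE`), which is what lets Brave's broker-based protection report Yes; it does not affect the Non-broker row, which depends on namespaces being unavailable.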