While working on a feature for snapd, we had a need to perform a "secure bind mount". In this context, "secure" meant:
The source and/or target of the mount is owned by a less privileged user. User processes will continue to run while we're performing the mount (so solutions that involve suspending all user processes are out). While we can't prevent the user from moving the mount point, they should not be able to trick us into mounting to locations they don't control (e.