Andrew Pruski explains to us why it can be bad to have a container user running as root:
Recently I noticed that Microsoft uploaded a new dockerfile to the mssql-docker repository on Github. This dockerfile was under the mssql-server-linux-non-root directory and (you guessed it) allows SQL Server containers to run as non-root.
But why is running a container as root bad? Let’s run through an example.
Just as with physical devices and VMs before them, Docker containers can do a lot of damage if you’re logged in as root.