Here’s a good article why shouldn’t run root in a container. Most applications nowadays should be able to start as a non-privileged user from the start, instead of running as root and then dropping privileges after it has started. That practice that has its roots back in the 1960’s and 1970’s when ports under 1024 were reserved only for root. With containers, you can easily use port forwarding to use ports higher than 1024. For example, instead instead of port 80, you can use 8080.